By Arthur A. Burley 
Many industries have had to change their business models due to the coronavirus. This is also true for healthcare. Many establishments needed to change their processes to keep people safe at home and minimize the risk of contagion.
Emergency departments began triaging patients by phone. Clinics started offering virtual visits, and hospitals stopped performing elective surgery to accommodate the increasing number of COVID-19-related patients.
Many operational changes required technology already in place or needed to be quickly implemented with new software and processes. This created more stress for staff and was not well understood by many. The training was required to handle the additional workload from coronavirus patients.
However, the urgent need to find solutions quickly outweighed the time and research into technology implementation. Many healthcare professionals could use Zoom to communicate with their patients or send sensitive information via email. However, they didn’t take the time to consider the privacy and security issues that could arise.
The Health Insurance Portability and Accountability Act was created for a purpose. Even though the pandemic was a shock to many, HIPAA compliance should be maintained in all technology used for documenting, transmitting, and retaining sensitive patient information.
Many healthcare facilities have already set up COVID-19 workflows and can now work around other procedures. It’s time for us to look at the security of the technology being used.
Remote Healthcare Workers: Technology Landscape
Technology can be used in healthcare settings to include small devices and larger software and systems. These technological devices and machines can be used in a variety of ways. Not all stores important data.
What have security measures been put in place to protect the technology used within healthcare institutions? Does it apply to all machines? Is it the same for every building? It is not possible to know what buildings require high security.
It is important to ask yourself the following question: What technology stores? Everything must be secured if you have any answers, including patient data, lab reports, or personal staff information. Sharing and viewing of data must adhere to HIPAA policies.
However, not all practices and clinics have an IT (IT) team. Many rely on the procedures and software in place. It is important to have security and privacy measures for technology, both within the software and the cloud.
HIPAA compliance became crucial due to the coronavirus pandemic, which forced healthcare workers to communicate with patients using methods that didn’t require in-person visits. Some would video-chat or call their patients via zoom to communicate important information about the software that was not HIPAA compliant. Patient data could be hacked.
Ransomware attacks were extremely common during the coronavirus epidemic. Blackbaud’s September 2022 data breach was the most severe. HealthITSecurity reports that the breach affected sensitive data from more than 24 providers and 10,000,000 patient records. This breach resulted in over $6 million in damages.
Larger companies must work with IT departments to improve security for employees working remotely or conducting virtual visits via chat, phone, or video. However, smaller practices have needed to examine the technology in place and determine what they could do to make it more secure from wherever they practice.
This resulted in the adoption of HIPAA-compliant telehealth solutions and the integration of patient portals into EHRs to increase data security and private document transfer.
Healthcare Communications Moving Forward
Anyone working in the healthcare industry knows that HIPAA policies and standards are important. The healthcare landscape has changed significantly since the 25th anniversary of its adoption.
Over 108,000,000 people have been affected by the coronavirus, and there are more than 27 million COVID-19 cases reported in the United States. This has led to new privacy regulations.
While the electronic systems used by healthcare workers to record virtual encounters usually use practice management or electronic health records software, it is not always secure. The method they communicate with patients is also not secure. If you are highly encrypted, sharing sensitive information via email, video chat, or phone is not HIPAA compliant.
How can healthcare professionals, owners of practices and hospitals keep HIPAA-compliant communications open with patients and their peers in a world where there is a constant threat to public health? Start by reviewing the current processes of healthcare establishments and ensuring that they include remote work and any other workflow changes made by COVID-19. This could include data access, document disposal when workers leave the office, security measures and vendor management of PHI for workers working remotely. Privacy compliance programs are just a few examples.
Virtual care will be more important as quarantine, and other restrictions are enforced in some areas and states. This will make HIPAA compliance more crucial. It is crucial to use secure communication methods, documenting, storing, and sharing patient data in encrypted settings that individual staff can access from any location.
Healthcare is changing. It relies on virtual communication, cloud computing, and other technologies. Data encryption must be considered further. Cyberhackers and data breaches are unnecessary when the pandemic is already so severe. Security is essential.