Did that headline stump you? Do you think of telehealth as offering more privacy or less privacy than an in-person visit?
We live in interesting times and not just because of Covid-19. Data breaches, identity theft and other data privacy and security breaches nowadays seem to be the norm rather than the exception.
So it comes to no surprise that many distrust technology, seeing it as less secure than the traditional ways that we have been used to.
Many of us also heard in April and May about the series of security and privacy problems of the popular video platform Zoom. From “zoombombing” by unwanted visitors in your meeting rooms to the lack of actual end-to-end encryption, Zoom’s popularity quickly identified major flaws. Zoom, unlike other technology vendors, acted swiftly and promptly and over 6 weeks rolled out a number of fixes and modifications to its default settings.
The Privacy of Telehealth
So what about telehealth visits? Are they secure? Are they private?
In my assessment: Yes, absolutely. At least they are more secure and more private than an in person visit.
Let me explain.
Imagine that in the wake of the Covid-19 health crisis your mental health and anxiety took a turn for the worse. It’s a condition you’ve had successfully under control though you’ve been keeping it private, because of the stigma associated with “seeing a shrink”. Unless of course, you’re a character in a sitcom that lives in a Metropolitan area and roams in circles where it’s a rite of passage to have your own personal counsellor.
So with your anxiety flaring up, you seek medical care and schedule an appointment with your local counsellor. And this is where your privacy very well ends.
As you pull in your easily recognizable yellow Volkswagen Bug and park it in the lot, two patrons of the hardware store across the parking lot take note of your car. As you enter the building, you check in with Rhonda, the young woman who was a friend of your daughter’s all through high school. She professionally yet quite cheerfully greets you and you wonder how long it will take for your daughter to find out you just visited the counsellor’s office.
As you take a seat in the waiting room, your next exposure awaits: Mrs. Jones from the church board winks at you conspiratorially, obviously also feeling a little caught.
Finally, a few minutes after Mrs. Jones was escorted to the visit with her counsellor, as you are being led down the hallway to your visit, you overhear some fragments of Mrs. Jones’s conversation drifting through the thin doors into the hallway.
Just because it’s electronic, does not mean it can be stolen
I’ll stop here with my little vignette as I’m sure you get the picture. An in person visit – whether you are seeing your endocrinologist for your onset diabetes, a counsellor for your anxiety, or a urologist: if you live in a relatively small community, chances are that your visit is not as private as you’d like it to be.
In a telehealth visit, it’s a direct, encrypted connection between the clinician and the patient. There are no waiting rooms with noisy neighbors, colleagues or members of the community. There is no chatty front desk person (“Oh, I just saw Martha in our office the other day”) or any other indication that you are having a clinical visit. And no one can listen in to your conversation through the door or thin walls.
Most HIPAA-secure video conferencing technology uses end-to-end encryption, which means that the conversation is scrambled before it leaves your computer and unscrambled at the other end. And while an employee may be able figure out who’s who in an ongoing video chat (by knowing the digital addresses — the IP address — of both parties), the technology vendor’s HIPAA training and access tracking logs deter any “coincidental” data breach.
Another aspect of why telehealth visits are secure is that the majority of a conversation between a patient and a clinician is mostly irrelevant. It’s much more lucrative to break into an electronic medical record, download thousands of records and gain access to the visit notes entered by the physician. But to listen into a single 12-minute conversation (if one could even break through the encryption), to discern the relevant or incriminating bits of information and then use this information to damage the patient seems incredibly far fetched for me.
With a telehealth visit, you are in the private comfort of your own home (and any room mates could obviously overhear your end of the conversation). With a proper set up, the clinician on the other end can also ensure the privacy of the conversation.
The Privacy of Traditional Technologies
Before we exhibit anxiety around the use of technology, lest we not forget about the common technologies currently used in the physician’s office.
These days, we readily use the phone to share personal or private information. While cell phone conversations are inherently better protected (due to encryption of the wireless signals), most physician offices are still using traditional landline phones.
Remember wiretapping? The scandals of the 60s and 70s? Getting access to a phone line (especially in an office setting) is easier than you think.
Finally, there’s the privacy-breach-prone technology of the fax that is still highly used in healthcare to send protected health information back and forth between offices. With little to no safeguards, any medical information faxed can be viewed and glanced at by virtually anyone with access to the fax machine.
I get that some people are wary of new technology and protecting the privacy of your clinical care is very important.
But given the circumstances under which we often receive “traditional” care, the accidental exposure of confidential information is much more likely than in a pure, clean telehealth environment.
So go ahead and book your next telehealth appointment. I’m very confident that your conversation will be private.
To receive articles like these in your Inbox every week, you can subscribe to Christian’s Telehealth Tuesday Newsletter.
Christian Milaster optimizes Telehealth Services for health systems and physician practices as Interim Telehealth Program Director. Christian is the Founder and President of Ingenium Digital Health Advisors where he and his expert consortium partner with healthcare leaders to enable the delivery of extraordinary care.