Even before in-person doctor’s visits paused to abide by social distancing measures, the use of video technology was starting to be used by clinicians to consult with patients virtually. Back in January of 2020, the Webex UX research team conducted a study with healthcare providers and patients who recently used or provided care through telehealth. We interviewed 8 patients and 10 providers, with specialties across cardiology, emergency medicine, patient education, pharmacy and orthopedics. A common belief among providers we spoke to was that their patients were not tech savvy. The providers thought their patients would be reluctant or unable to download an app or join a video appointment from a URL link. As a result, providers frequently resorted to applications that were already installed on patients’ smartphones.
In using such services, providers could unknowingly expose their patients, themselves, and their employers, to cybersecurity risks. In our study, providers described taking privacy measures, like doing video calls from a private office, room, or even bathrooms to ensure no one overhead patient information. While some providers understood that the applications they used with patients did not support their HIPAA compliance, they still resorted to using them, often from the perception that their patients wouldn’t want to learn to use a new app or service. We also found in our study that patients had even fewer security concerns — many assumed that since they’d already shared significant personal information with their healthcare providers, using video software for a telehealth appointment was no different. Combined, these lax attitudes may be exposing patients, providers, and employers to unnecessary risk.
As telehealth becomes the new normal, how can we make it easier for healthcare providers to use a secure video service for telehealth? At Cisco Webex, we take our customers’ data security seriously and we are dedicated to providing world-class collaboration that is simple, scalable, and designed to meet your HIPAA compliance needs.
As a result, we have a few ideas on how to strengthen virtual healthcare appointments and keep patients’ data safer.
- Educate providers on the importance of using a videoconferencing service that has security designed into the product and supports the provider’s HIPAA compliance requirements.
- Regularly update healthcare providers on cybersecurity best practices through training, documentation, and webinars. For example, educate providers about secure screensharing. When providers share their screen during a video appointment, they should choose to share by application instead of their entire desktop. That way, they avoid accidentally exposing patient data to the wrong person.
- An aspect of providers’ reliance on consumer apps stems from the perception that patients are not tech savvy. Providers and schedulers can instruct patients to take video calls from their computer’s browser to avoid having to download an app. Patients can also join meetings with audio-only options with one-touch join, allowing patients to join appointments over the phone’s audio without relying on data. By reducing the steps required when patients are joining a telehealth appointment, providers help keep their data secure.
To learn more about keeping patient and provider data safe, check out our Transitioning to Virtual Healthcare page, and this blog on how we protect your Webex healthcare data.
Additional contributors: Nishchala Singhal, UX Researcher and Mani Pande, UX Research Manager