Every month, we compile the most compelling healthcare privacy and security related news stories. Below, you’ll learn about the future of medical technology in the time of COVID-19, the rise of ransomware cyber attacks in the wake of the crisis, and more.
As COVID-19 continues to make an impact across the world, health systems have been rapidly adapting to regulatory compliance and technology changes. And as more patients seek out telehealth care in place of a physical office visits, the use of medical devices that remotely monitor vital signs has expanded. From monitoring patients in their home to personalizing care for patients with serious conditions, using technology to track patient health from their homes has become “the new norm” for practitioners.
But how can you make sure that the technology being used is accurate, safe, and reliable? Read more in the full article by MobiHealthNews.
On April 9th, the Department of Health and Human Services’ Office for Civil Rights (OCR) released a notification of enforcement discretion, stating that potential HIPAA violations will not be penalized at community-based COVID-19 testing sites.
Acting retroactively as of March 13th, the enforcement discretion enables providers and business associates to share a limited volume of patient data in good faith to help operate public COVID-19 testing sites.
“We are taking extraordinary actions to help the growth of mobile testing sites so more people can get tested quickly and safely.” – Roger Severino, Director of the OCR
According to Don Rucker, Head of the Office of the National Coordinator for Health IT (ONC), the aim of interoperability is to transition a healthcare system from one that focuses on the needs of providers and payers to one where patients have control over their own care.
“What the goal really is, is to give patients electric modern software control of their medical care, of their chart and of their information,” said Rucker during a HIMSS20 Digital Session. “To use a nerd word, it’s to give the patient agency.”
With greater interoperability, patients could access their personal health information easily via smartphones and other devices – and ensure that they have a right to directly access that data. To learn more about why patient access to their own data is so vital during this challenging time for healthcare, read the full Healthcare Finance News article.
In the past few months, the impact of COVID-19 has been ubiquitous, affecting lives across the world, much like the way information is digitally transmitted. Whereas healthcare providers had a year to prepare for the 1918 outbreak of the Spanish Flu despite the lack of enforced lockdowns, what took months to transpire in 1918 happened over the course of weeks in 2020.
In spite of those drastic changes, the approach to healthcare that includes visits to brick-and-mortar offices, clinics, and hospitals remained very much the same over the last century. If one positive transition has been made as a result of COVID-19, it has been the transition to widespread telehealth services and the increased use of technology for communication and patient care. But this change hasn’t come without risks to cybersecurity. In this Healthcare IT News article, read more about the security challenges and best practices for telehealth and healthcare IT throughout the time of COVID-19.
In the wake of the COVID-19 crisis, cyberattacks have been increasing in number. Because many health professionals are now operating in a remote work environment, along with the increased need for supplies of personal protective equipment (PPE), criminals are exploiting the increased attack surface to launch ransomware attacks, phishing attempts, and selling vital equipment such as COVID-19 test kits for exorbitant prices – reaching up to a 400%-500% markup.
Microsoft has warned hospitals to be watchful for ransomware attacks targeting VPNs and other devices. The company identified a particular ransomware campaign called REvil (formerly called Sodinokibi), which takes advantage of vulnerabilities to an organization’s VPN and holds them for ransom.
For more information, read the full Healthcare IT News article.
A surge in the use of healthcare technology and surveillance throughout COVID-19 has amplified the debate surrounding healthcare data privacy throughout Europe. Countries worldwide have already established tracking software, from Poland’s self-quarantine app that requires anyone under a mandatory two-week quarantine to upload a selfie to confirm their address to South Korea’s Corona 100m app, which tracks confirmed cases and informs citizens when they come within 100 meters of anyone affected by COVID-19.
As a result, Europe has been considering the balance of surveillance for the common good and the right to individual privacy.
“What’s fascinating is that in the discussion around health data sharing, we are seeing the playing-out of a parallel with social distancing,” said Petra Wilson, European Program Director at the Personal Connected Health Alliance. “It’s the same balance: personal protection versus the public good. If we all agree that data is the new fuel for our systems and structures, it becomes a major aspect of the common good.”