Page 42 - Part 1 Introduction to Telemedicine
P. 42

SVMIC Introduction to Telemedicine


                   The question often arises asking whether especially secure,

                   encrypted channels are mandatory for telemedical
                   communication. The answer is technically complex. Encryption is

                   not strictly mandatory under HIPAA. The situation faced by
                   providers is that, in the face of an actual breach, or even a

                   complaint or inquiry about a potential unauthorized disclosure, the

                   investigating agency will retrospectively ask, “Could this have been
                   prevented if a better level of security had been used?” The answer

                   will almost always be, “Yes.” In that case, the event may be viewed
                   as a violation. The good news is that security has been a

                   paramount concern for teleconferencing and health information

                   technology vendors for a decade, and many applications that were
                   originally distributed with almost no protection now use the same

                   safeguards as “secure” applications. The bad news is that installing
                   and configuring applications may require some technical expertise,

                   for which the provider is responsible.


                   From a strictly technical standpoint, the responsibilities of
                   telemedical practitioners pertain to:


                         Appropriate selection, installation and maintenance of
                           equipment and software


                         Training users in safe and effective operation

                         Protecting and securing infrastructure from natural and
                           human hazards

                         Assuring confidentiality, integrity and availability of systems

                           and information

                         Assuring that information from telemedical transactions is

                           linked to the patient record in a timely way, labeled with
                           valid metadata, securely stored and backed up, monitored







                                                        Page | 42
   37   38   39   40   41   42   43