Page 42 - Part 1 Introduction to Telemedicine
P. 42
SVMIC Introduction to Telemedicine
The question often arises asking whether especially secure,
encrypted channels are mandatory for telemedical
communication. The answer is technically complex. Encryption is
not strictly mandatory under HIPAA. The situation faced by
providers is that, in the face of an actual breach, or even a
complaint or inquiry about a potential unauthorized disclosure, the
investigating agency will retrospectively ask, “Could this have been
prevented if a better level of security had been used?” The answer
will almost always be, “Yes.” In that case, the event may be viewed
as a violation. The good news is that security has been a
paramount concern for teleconferencing and health information
technology vendors for a decade, and many applications that were
originally distributed with almost no protection now use the same
safeguards as “secure” applications. The bad news is that installing
and configuring applications may require some technical expertise,
for which the provider is responsible.
From a strictly technical standpoint, the responsibilities of
telemedical practitioners pertain to:
Appropriate selection, installation and maintenance of
equipment and software
Training users in safe and effective operation
Protecting and securing infrastructure from natural and
human hazards
Assuring confidentiality, integrity and availability of systems
and information
Assuring that information from telemedical transactions is
linked to the patient record in a timely way, labeled with
valid metadata, securely stored and backed up, monitored
Page | 42
