- Security Issues
- Steve Daviss, M.D.
Having a solid understanding of security issues related to telepsychiatry technology is paramount to a successful telepsychiatry practice. A clinician should bear in mind the following considerations related to security and telemedicine:
- Use a secure, trusted platform for videoconferencing
- Make sure your audio and video transmission is encrypted. The Federal Information Processing Standard (FIPS) 140-2 is used by the United States government to accredit encryption standards. Encryption strengths and types can change.
- Make sure your device uses security features such as passphrases and two-factor authentication. Your device preferably will not store any patient data locally, but if it must, it should be encrypted.
- Compliance with HIPAA (Health Insurance Portability and Accountability Act of 1996) is essential. HIPAA sets a minimum federal standard for the security of health information. States may also set privacy laws that can be even more strict, so be sure to check any relevant statute for the state in which you practice.Just because software says its HIPAA-compliant isn’t enough.
- Be sure your devices and software use the latest security patches and updates. Install the latest antivirus, anti-malware, and firewall software to your devices. If you’re part of an institution with IT staff, they should approve of and manage your device.
- Practice Guidelines for Videoconferencing-Based Telemental Health (October 2009)
- Practice Guidelines for Video-Based Online Mental Health Services (May 2013)
- Realizing the Promises of Telehealth: Understanding the Legal and Regulatory Challenges. Trendwatch, American Hospital Association, May 2015.