Telehealth services must prioritize cybersecurity

With recent increases in COVID-19 cases around the Asia Pacific and the world, many are now opting to use telehealth services when it comes to dealing with a variety of health concerns.

Some governments are also undertaking developments and projects to ensure that healthcare delivery in rural or remote locations is not left out.

This includes developing virtual care platforms to deploy telemedicine technology.

In Southeast Asia, telehealth services are spread out across ASEAN nations. While there are some international providers, there have also been local startups providing such services.

For example, Vietnamese startup Med247 operates medical apps and care facilities across Vietnam. The company has developed a hybrid platform that combines traditional health models with telemedicine technology via an app for patients and doctors to bring affordable healthcare to all.

Over in Myanmar, Malaysian telehealth provider, DOC2US has expanded its services to the country via a technical partnership with HOPE Telecare, in the hopes of accelerating digital healthcare development in the country.

HOPE Telecare is Myanmar’s all-in-one digital healthcare platform that provides free online healthcare services by volunteer doctors.

Meanwhile, in Singapore, there are at least nine providers of telehealth services that are currently supporting thousands of patients isolated under home recovery and quarantine orders.

More providers are expected to be tapped in as cases continue to increase in the island nation.

Securing telehealth services

As demand for telemedicine and telehealth services increases, there is now concern about the security of the data being collected and transmitted from these platforms.

Healthcare data continues to be one of the most sought-after data by cybercriminals — and now, telemedicine services are also being targeted by them.

According to research by Global Kaspersky, 30% of healthcare providers have experienced cases where their employees compromised customers’ personal information during remote consultations.

Also, almost half of providers believe that their clinicians don’t clearly understand how patients’ data is protected. 67% of them believe it is important for the healthcare sector to collect even more personal information to further industry development.

Most telehealth services are normally conducted over an app or platform designed specifically by the provider. However, research showed that 54% of respondents admitted that some clinicians conduct remote sessions using apps not specifically designed for telehealth. The use of FaceTime, Facebook Messenger, WhatsApp, Zoom, and others are among these apps.

For Prof. Chengyi Lin, Associate Professor of Strategy at INSEAD and an expert in digital transformation, the evolution of digital health requires healthcare data to be carefully curated, managed and governed.

“This information is also valuable to individuals and the healthcare system to improve outcomes and reduce costs. We have already seen encouraging results from using big data for better clinical trial design and reducing both time and costs.

“We can leverage technologies to ensure privacy while delivering the benefits, for example, using additional privacy measures to facilitate the adoption of AI,” explained Prof Li.

For Denis Barinov, Head of Kaspersky Academy, the more complex and critical technology is, the more awareness it requires from people who work with it. He pointed out that this is particularly important for the healthcare industry entering the new digital stage and increasingly facing issues connected to privacy and security.

“But it’s not only about awareness – for any security training to be effective, it should not only deliver up-to-date information but also inspire and motivate people to behave safely in practice,” he commented.

With telehealth services expected to be an integral part of healthcare in 2022 and beyond, healthcare organizations need to ensure they have a proper cybersecurity framework not only on how they handle their patient data but also the tools they are using for the service.

This includes having clear guidelines on external services and resources allowed as well as a robust password policy.

The process may sound tedious but it’s the only way of ensuring the services provided are secured.

---

---

---

---