Nebraska Statewide Telehealth Network

About Us

About The Network
Contact Information
Funding The Network
History & Overview
Impact & Usage
Map
Mission & Vision
Operations & Governance
Partners / Organizations
Participating Hospitals
Scheduling
Technology

Telehealth Info

What Is It?
Benefits
Links

Clinical Services

Clinical Services
Mental Health
Medical Interpreting
Teleradiology

Educational Opportunities

Grand Rounds
CME Opportunities
Tips for Videoconferencing
Tips for Presenters

For Physicians & Healthcare Providers

How to Refer
Licensure/Malpractice/Credentialing
Reimbursement
Privacy & Security (HIPAA)
Tips for Videoconferencing
Tips for Presenter

For Patients

FAQ's
Patient Evaluation

For Hospitals & Clinics

Using System & Training Materials
Evaluation
Privacy & Security
Emergency Alerts
USF & NUSF
Reimbursement

For Public Health Departments, Labs & State Agencies

Using System & Training Materials
Evaluation
USF & NUSF
Technical Support

News

Headlines

Hospital Privacy & Security

Because by its very nature, telemedicine means that protected health information can potentially be sent anywhere in the world in a matter of seconds (your results may vary), the red privacy flag seems to be raised. Telemedicine consults typically include a variety of protected health information about the patient. An electronic medical record may be included in the real-time or store-and-forward transmission, or some other kind of attached file may contain most kinds of protected data. One could easily imagine the shuttling of social security numbers, names, addresses and medical conditions to a distant medical center. After the distant provider renders his or her consultation, the patient's information could be sent any number of places or left carelessly on the telemedicine workstation for other unauthorized parties to discover. There appears to be some opportunity for improper use of such important patient information.

The final rule requires health care providers to obtain consent prior to using or disclosing protected health information to carry out treatment, payment or other health care operations. To the best of the author's knowledge, such consent is already a common part of in person health care, and the consent device is routinely used-albeit for different purposes-in telemedicine encounters. Additionally, since the consulting provider is most likely a physician, there is already the underlying assumption that this information is already deemed confidential as a matter of ethical code of conduct. It may be others who may come into contact with this protected information that we ought to be concerned about. What happens to patient information when the consultation has concluded? It is true that where protected information is headed and who will be review it must be clearly determined and authenticated by some means. The patient must be made aware, and give his or her consent that such a transmission is permissible as a necessary disclosure in the course of treatment.

It is worthwhile to determine whether or not a consulting practitioner will be interacting with the patient directly or indirectly. Indirect practitioners would include radiologists and pathologists, who provide health care services for patients indirectly, through the orders of another health care provider. Other store-and-forward applications of telemedicine may be looked at in a similar fashion.

Overall, the privacy rules don't seem to be significantly different from the way in-person medicine, or telemedicine for that matter, is already practiced. That said, focused attention and tracking of where protected information is sent and who uses it should be expected. At this point, the numerous HIPAA regulations-the final privacy rule in particular and other rules yet to be promulgated-will have a great impact on the financial and administrative activities of health plans, billing offices, hospitals and health data clearinghouses.

Site Map | Contact Us | Legal & Privacy | Feedback |