As Telehealth Becomes Common, Security Considerations Increasingly Important

Author: Susan Snedaker, MBA, CHCIO, CHISL, CISM
Date Published: 8 May 2020

The COVID-19 pandemic has changed almost every aspect of our daily lives. What we’re seeing in healthcare today is unprecedented. Most hospitals have very low overall daily census due to canceled surgeries and general fear of going to the hospital at this time. This negatively impacts revenue and ongoing financial viability. At the same time, most hospitals are experiencing very high census in the critical care areas, many even having to create new intensive care areas on the fly, repurposing other areas of the hospital to accommodate these critically ill patients. Additionally, the uncertainty of a patient’s COVID status due to insufficient test kits and long delays in receiving results has added to the fear and uncertainty.

However, as in almost any crisis, there also is opportunity. As patients began coming to physician offices and emergency departments with COVID symptoms, providers immediately began to look for ways to reduce the risk of spreading the virus. The immediate and easy answer was telehealth. In a matter of a few weeks, we overcame years of resistance to telehealth because, almost instantly, all the stakeholders were aligned.

Let’s start with a quick definition. Telehealth is generally defined as a healthcare provider-patient visit or encounter conducted remotely. Other remote session solutions, such as remote patient-family visits, are not telehealth but can rely on the same technology solutions. These have been used extensively during the COVID crisis – especially to provide patients a way to stay connected to loved ones when visitors are no longer allowed in hospitals.

Though telehealth visits were gradually increasing prior to the COVID-19 pandemic, there were numerous issues with adoption – from reluctant insurance companies and uncertain reimbursement rules, to unenthusiastic providers and unwilling patients. Then, COVID-19 struck and the roadblocks to widespread adoption were decimated in a few short weeks.

Telehealth visits are now being used in ways many envisioned for years. For example, many primary care physicians (PCPs) are now using telehealth visits for initial symptom assessment to prevent a possible COVID-19 positive patient from infecting others via an office visit. PCPs are also providing follow-up visits for sick patients who are at home. Back to the future, we now have doctors making virtual house calls again, and the satisfaction rates of both physicians and patients are high. The convenience of scheduling and the ease of simply connecting online are likely to change the nature of healthcare forever.

Other uses of telehealth popping up due to COVID-19 include pharmacists having virtual visits with patients in the ER before discharge and behavioral health consults for critically ill in-patients. Being able to provide a virtual visit while reducing potential COVID-19 exposure has been one of the ways healthcare organizations have been working to “flatten the curve” of COVID-19 spread.

Some of the challenges remain, including ensuring the selected platform is secure. While there are telehealth companies that provide the hardware and software solution for telehealth visits, many of the recent solutions have been commercially available “remote meeting” or “teleconferencing” services. Not all of these have lived up to their promised security claims, but those in the spotlight have taken swift and effective measures to shore up their security. And, as is always the case, we have to look at people, process and technology when working to ensure these connections remain safe, reliable and secure.

People – Providers and patients need to understand how to set up and maintain secure sessions. Posting meeting IDs or not requiring meeting passwords makes these sessions vulnerable to potential hackers. Learning how to initiate and terminate sessions properly prevents accidental breaches of information (similar to a “hot mic” at a news conference). Finally, ensuring the selected platform has security controls enabled and locked down will reduce potential risk.

Process – Developing standard work for providers, whether for telehealth sessions or for patient-family communication, will help ensure the sessions are properly set up, secured and terminated. In the mayhem of the COVID-19 response, many solutions were propped up in an almost ad hoc manner. Now is the time to go back and review the setup and the process, and take any remedial actions needed to improve security.

Technology – Work to ensure the selected technology platform is secure and that the security controls that exist are properly enabled. If monitoring and auditing are available, ensure you monitor use. Finally, encourage your users to contact you with any security concerns or unusual events so you can take swift action to stop issues that may arise.

We’ve reached a new threshold in the use of telehealth, and time will tell whether it will become the new normal. With reimbursements approved and processes defined, it’s likely that telehealth will remain an important aspect of healthcare going forward. Out of crisis, opportunity.

Stay safe.

Editor’s note: For more resources from ISACA related to the COVID-19 pandemic, visit our Navigating COVID-19 page.