All Data Fast News is © Data Fast Solutions, unless where otherwise indicated • All Rights Reserved

Data Fast News



HIPAA and Remote Patient Monitoring and Wearables

Since the inception of HIPAA in 1996, health information managers have been tasked with keeping the security of patient data in check. However, as technology continually progresses, this becomes more challenging for all healthcare professionals and their associates. This is especially true for remote and wearable technology used outside of a doctor’s office, where personal health information (PHI) is much more difficult to control. HIPAA does have guidelines in place stating that patient information collected by a doctor-provided wearable device will be covered under HIPAA.

Wearable technology includes commercial consumer products such as fitness trackers as well as products manufactured for remote healthcare monitoring by physicians and other healthcare personnel. Fitness trackers, such as the highly popular Fitbit, are not controlled by HIPAA unless that data is shared with a doctor’s office. Once shared, it falls under the restrictions of HIPAA, so healthcare providers must ensure that the data is not compromised. Outside of commercial products, remote data downloads occur daily for patients who may be under a physician’s care for any number of health-related issues, from diabetes to cardiac care to sleep apnea.

It is not only the data that is at risk. Any remote transfer of healthcare data that is vulnerable can put a patient in physical danger as well. In 2016, a medical device researcher with Johnson & Johnson discovered that remote-controlled insulin pumps were susceptible to an outside attack. This was because the communications between the wireless device and the insulin pump were not encrypted. However, a more malicious attack could have occurred, according to the Johnson & Johnson researcher, because the pairing between the remote devices was weak. As a result, an outside attacker could access the patient’s remote device and administer additional, deadly doses of insulin.

Technological advances in healthcare, such as remote, real-time monitoring of patient data, have gone far beyond what some would have imagined when HIPAA was enacted in 1996. As new technology evolves, healthcare I.T. developers and manufacturers have learned to work in conjunction with revised HIPAA regulations to ensure compliance prior to delivery. Most wearable devices are now manufactured with strict HIPAA compliance to ensure data is secure. Remote data is now shared much more securely with increased encryption in place.

As this type of technology continues to progress, it is the healthcare organization, and their covered entities, who are held responsible for keeping PHI secure. That does not mean that healthcare providers have to tackle all aspects of HIPAA compliance alone. Technology professionals can provide technical processes that can help. From implementing separate networks for shared data, to encryption, to multi-factor authentication, technology experts can help ensure remote and wearable technology data is never compromised. In addition to the technology itself, assistance with ongoing technology training can add an extra layer of protection against HIPAA breaches. No matter what technology is utilized, partnering with an I.T. company that is highly trained in HIPAA compliance can help ease the burden of making sure PHI is consistently kept safe.

This article is ©2018 Data Fast Solutions • All Rights Reserved
