New telehealth guidance from Cloud Security Alliance
The Cloud Security Alliance (CSA), a global organisation dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, says it's important for healthcare delivery organisations (HDOs) to have processes and controls in place to ensure the security of telehealth patient information.
The CSA has released Telehealth Risk Management, new guidance from its Health Information Management Working Group, which offers best practices for the creation, storage, use, sharing, archiving, and possible destruction of data through the lens of governance, privacy, and security.
“During the COVID-19 pandemic, the rules governing telehealth changed dramatically, prompting health delivery organisations to quickly update and revise their governance and risk programs. Now, with the rapidly changing demands and regulatory requirements for telehealth, it’s essential that HDOs have effective governance and risk programs to ensure a smooth and seamless transition while improving their current risk postures,” said Dr. Jim Angle, the paper’s lead author and co-chair of the Health Information Management Working Group.
An HDO’s ability to manage telehealth data and the associated processes is essential to achieving its data security and data privacy goals, says the CSA. Developing and implementing a risk management programme for telehealth requires a strong governance programme, which serves not only to underscore the organisation’s commitment to managing its information and risk but also compliance with all applicable laws, standards, and regulations.
“Maintaining the sanctity and integrity of healthcare data is of paramount importance not just from a regulatory perspective but also from the viewpoint of patient safety. As data collection continues to increase in speed and scale, the analytic techniques used to process these data sets become more sophisticated, and the use of data becomes more varied,” said John Yeoh, Global Vice President of Research, Cloud Security Alliance. “Big data analytics will continue to expand the use of health data used in telehealth, and while this presents a huge opportunity for health research, proper care must be taken to prevent its loss or misuse.”
As healthcare entities look to secure their data, blockchain is taking centre stage, thanks to the fact that it allows for efficient data sharing while simultaneously ensuring patient privacy and data security. The Health Information Management working group’s upcoming (due in June 2021) white paper, The Use of Blockchain in Healthcare, examines its application not only in telehealth, but in research, patient administration, finance, and supply chain.
Dr. Angle will be speaking during three sessions on various topics related to security and privacy in the healthcare field at the upcoming HIMSS 2021, specifically:
- HIMSS Healthcare Cybersecurity Forum (Aug. 9). In this pre-conference event, attendees will learn how leading provider organisations are protecting healthcare’s expanding digital footprint and securing data inside and outside the hospital, including technologies such as telehealth, remote monitoring, and wearables.
- Protecting the Privacy of Healthcare Data in the Cloud (Aug. 10, 11:30am - 12:30 pm, Caesars, Forum 123). In this session, attendees will learn, among other things, about the six phases of the cloud data lifecycle and the importance of the data lifecycle as it relates to privacy.
- HIMSS Cybersecurity Command Center on Product Management What, How, and Why (Aug. 10, 1:15-2 pm, Caesars Forum Conference Center, Booth C300, Theater A). This session will examine what it means to be a product manager in a service organization.
The CSA Health Information Management working group aims to provide a direct influence on how health information service providers deliver secure cloud solutions (services, transport, applications, and storage) to their clients, and to foster cloud awareness within all aspects of healthcare and related industries. Individuals interested in becoming involved in Health Information Management future research and initiatives are invited to join the working group.