Confronting the Growing Cybersecurity Risks in Healthcare

Confronting the Growing Cybersecurity Risks in Healthcare

With healthcare systems around the globe overburdened by the pandemic, hospitals and other healthcare organizations became prime targets for cybercrime. 

This threat grew in tandem with the coronavirus through 2020. The CISA, FBI and HHSa issued a Joint Cybersecurity Advisory in late October, warning of an increased and imminent risk of ransomware attacks to US hospitals and healthcare providers.

Unfortunately, they were right to sound the alarm.  Cybersecurity company Check Point Software reported in January that in the final two months of 2020, there had been a 45% increase in attacks targeting healthcare organizations globally—more than double the overall increase in cyberattacks across all industry sectors worldwide.

Canadian healthcare in particular was under assault. Organizations in that country experienced the most dramatic increase of any in the world, with a 250% spike in attacks.

Healthcare in the crosshairs

To date, the ransomware attacks largely use the Ryuk variant, specifically tailored and targeted for healthcare organizations. According to Check Point Research:

“Unlike most ransomware which is distributed via massive spam campaigns and Exploit Kits, Ryuk is used exclusively for tailored attacks. Its encryption scheme is intentionally built for small-scale operations, such that only crucial assets and resources are infected in each targeted network and distribution is carried out manually. The malware encrypts files stored on PCs, storage servers and data centers.”

Hospitals are getting hit because they’re likely to be more willing to pay ransom right now. With the pandemic straining the healthcare system, they can’t let an IT disruption prevent them from providing care. 

The healthcare sector is also more vulnerable due to its rapid adoption of new temporary locations, processes and personnel—organizations have a challenge training everyone.

But Sumit Bhatia, director of communications and knowledge mobilization with Toronto-based Cybersecure Catalyst has noted that many healthcare systems run on legacy technology that make them less capable of stopping sophisticated attacks.

Protecting virtual healthcare systems

For healthcare organizations offering virtual care services, security is a top priority. Early in the pandemic, as patients requested remote appointments, health practitioners were rightly reluctant to introduce consultations over traditional video-calling platforms due to privacy concerns.

Instead, organizations have to find ways to securely integrate telemedicine platforms with existing proprietary systems that hold data, test results, and patient information.

The latest wave of ransomware attacks makes clear that healthcare organizations need to remain on guard. As Bhatia noted, “Right now we’ve just adopted [technology systems] for the model of efficiency, not for models of security. We are focused on delivering care, not necessarily delving into cybersecurity issues.”

It’s vital that as demand for telemedicine grows, healthcare organizations must develop risk-informed cyber strategies that include performing comprehensive risk assessments to determine if a virtual care platform poses any additional security exposure.

Secure by design

One of VidyoHealth’s fundamental advantages has always been security, both on-premise and in the cloud. As such, VidyoHealth is a HIPAA compliant solution.

VidyoHealth maintains an information security governance policy designed to protect the confidentiality and integrity of information.

The built-in security measures range from user authentication/login and segregated management to encryption for passwords, signaling and media.

Specific security features include:

  • SRTP media encryption
  • FIPS 140-2 certified libraries 
  • Secure HTTPS login utilizing industry-standard PKI 
  • TLS using strong encryption ciphers for signaling 
  • Password hashing in database 
  • Encrypted token technology for session security 
  • No login information retained on the client

You can find complete details about the extensive measures taken in the Vidyo security white paper.

 

Learn more about VidyoHealth end-to-end telehealth platform.

Remote Patient Monitoring: How At-Capacity Hospitals Utilize Telehealth

Remote Patient Monitoring: How At-Capacity Hospitals Utilize Telehealth

Hospitals must plan for every possible emergency health scenario. When large numbers of gravely ill or injured patients begin flooding their Emergency Department, they need to be ready to respond without hesitation—lives are at stake.

Communities around the world experienced this almost simultaneously with COVID-19 outbreaks. Public health measures designed to reduce the spread—from mask wearing to full lockdowns—were not only meant to protect people’s health. They were also intended to prevent an overwhelming demand that would impact other aspects of local health systems. Big waves tend to swamp everything in their path.

Indeed, many hospitals delayed non-urgent treatments and surgeries to ensure there would be enough beds for COVID-19 patients and recruited health professionals from other departments to help  treat them.

Early in the pandemic, the CDC also recommended that health care providers implement virtual methods of offering clinical services—specifically telehealth.

As the agency published in its Morbidity and Mortality Weekly Report: “Telehealth could have multiple benefits during the pandemic by expanding access to care…and reducing patient demand on facilities. Telehealth policy changes might continue to support increased care access during and after the pandemic.”

Surge Capacity Strategies

Every hospital has surge capacity strategies in place to manage sudden spikes in demand for their services. Viral outbreaks are only one potential cause. Catastrophes like a high-rise fire, severe weather event, industrial explosion or any disaster that impacts a large group of people in an area could require hospitals to treat more patients than their usual volume.

To expand capacity, a hospital has four options

  1. Decrease demand (i.e. divert patients to another hospital)
  2. Establish alternate care facilities (like a field hospital or a hotel)
  3. Minimize resource consumption by admitted patients
  4. Establish treatment areas in unconventional locations within the hospital.

Many health systems have learned through managing the COVID-19 crisis that telehealth, including video conferencing, can play a vital role in surge capacity planning.

How Telehealth Expands Capacity

The Society of Critical Care Medicine recommends understanding and designing solutions for specific use cases, including:

  • Teleconferencing with patients or expert consultants
  • Remote patient monitoring
  • Forecasting and triage
  • Implementation of severity of illness scores (i.e. APACHE
  • Bedside clinical decision support 
  • Regional coordination of care

A component of pre-surge planning is to choose how telehealth programs will be implemented: Outward toward the community; inward toward units within the system; or into the homes of patients.

The right telehealth platform will accommodate all of these scenarios, with highly accessible user interfaces that simplify communication between patient and health care providers. 

In the specific context of the pandemic, remote patient monitoring has helped protect nursing staff caring for patients in isolation rooms. But telemedicine allows health systems to load balance and offload clinical work from bedside clinicians. Remote clinicians can monitor and round on low- to moderate-risk patients and help triage bedside clinician activities.

Plan for the Next Surge

Every health crisis teaches us something new. One of the big lessons of COVID-19 pandemic has been the critical role of new technologies that enable health systems to minimize risks and manage capacity. With remote patient monitoring in place, health providers had the confidence to send recovering patients home 12 or 24 hours earlier, freeing up beds.

Hospitals have gained vital experience for post-pandemic planning. Expanding the use of remote patient monitoring and virtual health platforms helps prepare for the next crisis. When health care professionals of all stripes adopt and use the many forms of telemedicine, it increases their familiarity of its capabilities. When the next surge strains the capacity of health systems, they will be ready to respond with the best strategies at hand.

Learn more about VidyoHealth end-to-end telehealth video conferencing.

How to Approach U.S. Federal Telehealth Grants in 2021

How to Approach U.S. Federal Telehealth Grants in 2021

To mitigate the spread of COVID-19 while continuing to treat patients, hospitals across America made an effort to expand their telehealth services in 2020. According to a McKinsey Report, consumer adoption of telehealth surged from only 11% in 2019 to 46% in 2020, while virtual visits increased up to 175 times. Virtual visits not only help to reduce exposure to COVID-19 but also help medical professionals extend vital care and monitoring to patients not affected by the virus. 

Unfortunately, public health circumstances also brought a great strain to healthcare system budgets. With elective procedures suspended for much of 2020, already thin hospital margins fell to an estimated -3% in the second quarter of 2020.

Even with government funding distributed through the CARES Act, Kaufman Hall projects that up to half of US hospitals could sustain negative margins without further support. 

While it’s clear that telehealth services are both needed to cope with the pandemic and have long-term care merits, cash-strapped hospitals may struggle to maintain and support these programs in 2021. 

To offer the highest quality of care now and in the future, providers can explore federal grants and reimbursement programs to fund telehealth services. 

How Has COVID-19 Changed the Telehealth Funding Landscape? 

To help medical providers stay afloat and offer vital service during the COVID-19 pandemic, the federal government distributed $175 billion of funding to hospitals through the CARES Act in 2020. 

Beyond this, in March of 2020, Congress allocated $200 million to the Federal Communications Commission to establish a COVID-19 Telehealth Program for connected services. This Telehealth Program is now being extended into 2021 with an additional $249.95 million in federal funding. 

More telehealth funding opportunities are available through Grants.gov and the Rural Health Information Hub.  

So what’s changed with telehealth funding and grant opportunities since the onset of the pandemic? Here are a few things that stand out: 

  • Funding programs have expanded
  • Eligible care scenarios have expanded
  • Funding is being disbursed, or reimbursed, more quickly
  • Government agencies not typically responsible for telehealth funding are overseeing the programs

What hasn’t changed? 

  • There is still a 60-day waiting period between application and award 
  • The earlier you apply, the more likely you are to receive the award
  • You still need a strategic plan to apply for the award and support the program

Make a Plan to Pursue Telehealth Funding

To successfully pursue time-sensitive funding opportunities, your organization should have a proactive grants team in place to execute the grant strategy and application process. For larger organizations, this team may be coordinated through a Centralized Grants Office or an Office of Sponsored Programs. For smaller organizations or organizations with limited grants experience, this team may need to be built from scratch. A grants champion should drive the effort and coordinate stakeholders. But a champion doesn’t win without his or her team. 

Key team members should include:

  • IT lead 
  • Clinical staff 
  • Program staff
  • Community outreach
  • Grant writer 
  • Senior management 
  • Budget/finance officer

This team works together to determine the feasibility and the fit of the funding opportunity. 

Self-assessment Questions for Funding Opportunities

Before you get started, answer some self-assessment questions to determine whether or not to pursue a certain funding opportunity:

Are we eligible for this grant/funding opportunity? 

Will this funding help us solve a specific medical or services need? 

Will we be able to comply with the post-award requirements? 

Do we have the cash flow for any necessary upfront purchases (for reimbursement programs)? 

Will we be able to sustain the program after funding expires? 

The sum of these questions boils down to this: don’t chase money that isn’t a good fit. It takes time and resources to apply for funding — avoid waste by selecting funding opportunities according to need and capacity to support the funded program.

Next Steps to Obtain Telehealth Funding 

When it comes to federal funding opportunities, the early bird gets the worm, so it pays to have your ducks in a row. In addition to having your grants team in place, you’ll need to take care of some administrative tasks. This includes registering and setting up accounts on Grants.gov and SAM.gov. You should also prepare your articles of incorporation, and evidence of 501(c)(3) status (if applicable) for any application. 

Expanded funding for telehealth represents a pivotal opportunity for providers to extend their virtual care services in 2021. Position your organization to win funding by applying early with a strategic plan. 

To learn more, speak to one of our Telehealth Solution Experts by contacting us here.

This Valentine’s Day, Take Telemedicine to Heart with Cardiac Patient Monitoring

This Valentine’s Day, Take Telemedicine to Heart with Cardiac Patient Monitoring

Valentine’s Day is just around the corner, a day when matters of the heart are front and center. For doctors, their patients’ hearts are always among their primary concerns.

Each year, 1 in four deaths in America is due to heart disease, making it the leading cause of death for men and women. About 805,000 Americans will likely have a heart attack this year, and about 1 in 5 heart attacks will be silent, meaning that the person won’t even know of the damage done.

To help manage the conditions that underly these often tragic and life-altering health events, it’s important that doctors identify heart disease early and closely monitor the patient. Unfortunately, the reality of human behavior can get in the way.

The challenges of patient monitoring

To successfully treat heart disease, as well as conditions related to cardiovascular disease (CVD), health professionals encourage patients to make lifestyle changes and continue a regular course of medication. They also require regular follow-ups. Despite the obvious potential health benefits provided by regular doctor appointments and tests, clinic visits can present an imposition on daily life. Not surprisingly, patient compliance is a common issue, which then reduces the likelihood that the patient will stick to the course of treatment.

With the pandemic, that situation only grew worse. The COVID-19 pandemic has increased the challenges health systems already face monitoring heart disease and CVD.  Clinic visits and elective procedures were suspended, and patients delayed seeking care out of concern that the coronavirus posed an even greater health risk. As two CVD-specialist doctors recently wrote for the American College of Cardiology:

“[The pandemic] has led to disruption in every aspect of cardiovascular care delivery.…The adverse impact on cardiovascular care delivery and outcomes will likely be long-lasting if our health systems do not adapt quickly and efficiently.”

How telehealth offers a new window into the heart

Telehealth is one key way health systems are adapting. It also provides a path to overcoming some of the systemic barriers to monitoring heart disease and CVD.

With the right technology, physical distance can almost be erased, providing a personal interaction between doctor and patient. Telehealth offers the ability to remotely monitor conditions that contribute to heart attack and stroke, providing an opportunity to implement primary and secondary cardiovascular prevention without trips to the clinic..

Patients can get any tests done prior to the appointment at a lab close to their home, or measure their blood pressure with an automatic blood pressure cuff at home, their local pharmacy or senior center.

Quite simply, telehealth appointments are more convenient than in-person clinic visits, for both doctors and patients. Doctors can review test results and discuss face-to-face with the patient about how to manage their condition.

In the future, remote monitoring of health data using wireless-enabled devices that measure a person’s weight, blood pressure, blood sugar, pulse, and heart rhythm could further advance telehealth’s promise.

How Vidyo enables cardiac and cardiovascular care

To implement a successful approach to telehealth, patients must have access to a secure but inviting and natural interface for patients to review their health information with their doctors and family.  This empowers health providers to enhance patient satisfaction, improve the quality of care they can deliver, and protect patients’ privacy.

Behind the scenes, a telehealth platform must seamlessly integrate into a health system’s clinical workflow.

Vidyo Telehealth is purpose-built for healthcare organizations and securely integrates with systems, devices, and software, enabling virtual specialty care, including cardiology. It enables medical professionals to collaborate, consult with patients, and provide real-time care and education to patients.

For example, the VidyoConnect Patient Room Experience provides a high-quality video environment that allows patients to connect with medical professionals and family members virtually. The HIPPA-compliant solution enables patients to attend scheduled meetings with family members which increases the patient’s ability to adhere to treatment protocols.

Get to the heart of the matter

Learn more about how the Vidyo Patient Experience supports cardiac and cardiovascular patient monitoring and more.

Vidyo + Ignis Health: The Power of High-Quality Telehealth Video Delivery And Data Analytics Combined

Vidyo + Ignis Health: The Power of High-Quality Telehealth Video Delivery And Data Analytics Combined

Now that telehealth has become part of the “new normal” during the coronavirus, healthcare institutions face a new challenge: How do we make sense of all this new telehealth data?

Enter Ignis Health.

Ignis Health shines when it comes to collecting data from these interactions and making it easily accessible for analysis. It provides the platform for healthcare institutions to retain, collect, measure, and, ultimately, utilize all their telehealth data.

Combining Vidyo’s repository of telehealth video, Clinical Data Repositories (CDRs), Electronic Medical Records (EMRs), healthcare Enterprise Data Warehouse (EDW), and billing systems with Ignis Health’s data analytics capabilities creates exciting new potential. Healthcare providers can now pull meaningful insights that they can use to optimize their operational, service delivery, and financial performance.

Challenges with telehealth analytics

The decisions that need to be made using telehealth data can sometimes have life or death consequences. This is why in today’s quickly evolving healthcare landscape, access to comprehensive, accurate, and timely reporting for telehealth is critical.

As telehealth interactions increase, healthcare providers need to include important questions in their virtual healthcare processes, such as:

  • Which modalities, treatments, or programs were most effective?
  • How did patients interact with particular healthcare delivery systems?
  • Which measures are financially sustainable, and which are not?

However, implementing this mode of questioning into healthcare practices effectively has been difficult for institutions to achieve for several reasons. First, there are regulations that make implementation more tricky. These regulations act as policy barriers related to privacy, security, compliance, and Medicare coverage.

Adoption has also been part of the issue. There are patient-physician concerns about the need for in-person contact in order to make accurate diagnoses. Patients are concerned about how their sensitive information will be handled by telehealth analytics platforms. Another barrier is the lack of time to implement proper data governance and data integrity guidelines. The need for additional training to integrate telehealth analytics into their operations can be burdensome for most providers with typically tight schedules.

Finally, there is a disparity in the availability of technological solutions that pass quality standards that are not always compatible or easy to integrate with each other. In studies cited by the Brookings Institution, many institutions lack access to cutting-edge tools, especially ones that are easy to set up for enterprise-wide use while maintaining high security standards.

How COVID changed things

The global pandemic forced governments and healthcare providers to make a considerable effort to embrace telehealth on a much wider scale — and fast. The ensuing demand for telehealth was apparent. According to Frost and Sullivan research cited by CNBC, telehealth appointments grew 50% in March 2020 alone.

To help do our part as a video solutions provider, we decided to partner with an established data analytics company, Ignis Health, to provide a secure and comprehensive (yet user-friendly) suite of telehealth solutions to the embattled healthcare institutions that need us. All that’s left is to bridge the gap between demand and solution.

How Vidyo offers solutions

The partnership between Vidyo and Ignis Health led to the creation of the Telehealth Resource Program (TRP). TRP supports enterprise-wide telehealth analytics by allowing healthcare institutions to unlock the full potential and financial benefits of telehealth in the most secure way possible.

TRP’s comprehensive dashboard also makes it easier to spot inefficiencies — and opportunities — in operations, healthcare results, and financial sustainability. This way, you get the concrete data you need to confidently invest in the virtual health programs that are most effective. Also, TRP automates data collection, data visualization, clinical documentation, reimbursement, and reporting from Vidyo CDRs, easing the burden from healthcare practitioners who used to spend significant time doing these manually.

Overall, TRP delivers a two-pronged solution by giving healthcare providers the tools to make telehealth data useful for healthcare decisions, while providing you with useful information to understand and optimize your telehealth clinical services.

Interested in using TRP for your own telehealth solutions?

If you want to know more about Vidyo’s Telehealth Resource Program and how you can use it to enhance your own telehealth solutions, visit our webpage or email info@vidyo.com.

Skip to content