The COVID-19 pandemic has ushered the contemporaneous and widespread adoption of telehealth in healthcare communities. Telehealth offers patients opportunities to receive medical care from home or in other preferred, safe, convenient settings outside of the traditional clinic.
Because telehealth is delivered using the digital transfer of patient data, it is especially important for telehealth organizations to exercise strict adherence to the regulations of the Health Insurance Portability and Accountability Act (HIPAA), the law that stipulates how personal health information must be handled and protected by healthcare organizations.
What National Coronavirus Hotline (NCH) Offers
The National Coronavirus Hotline (NCH) is a HIPAA-compliant platform that offers coronavirus-related telemedicine appointments, mental health consultation, a COVID-19 information clearinghouse and professional disinfection services. As a telehealth provider, NCH understands the centrality and importance of patient confidentiality, and the honor and responsibility of protecting patient health information (PHI).
NCH Platform And Patient Protection:
Following are the safeguards that the NCH platform has enabled to protect patient confidentiality and ensure PHI security.
Access Restrictions: Only the provider and the patient will be able to access the data the patient has entered. No other party, including NCH employees, have access to patient data unless it is required for data management or by law.
Data request selectivity: NCH only asks patients for data that is necessary for evaluation, diagnosis or treatment.
Deletion of decedent data: If a patient dies, their account and data are both deleted upon knowledge of death.
Encryption: All data entered by patients has end-to-end encryption, protecting patient data from unintentional or malicious third-party viewing.
NCH Non-disclosure: To ensure the utmost privacy when handling PHI, all NCH employees are required to sign a HIPAA-compliant non-disclosure agreement (NDA). Employees who violate their signed NDA are subject to the company’s sanction policy and/or civil and criminal penalties. Vendors and third-party service providers must also sign NDAs if they could interact with PHI.
Platform exclusivity: Employees cannot copy any PHI to external media not approved by the company. Prohibited transfers include the use of flash drives, hard drives and other data transfer modules.
Platform data protection: Physicians, therapists or other end-users cannot save or download patient data outside of the NCH platform, and will not be able to load such data onto personal computers or onto mobile devices.
Risk assessment/vulnerability review: The NCH employee group regularly conducts risk assessments to identify potential data vulnerabilities. This action helps ensure the confidentiality and integrity of protected health information.
State-of-the-art database architecture: NCH uses a secure data storage, arrangement and integration to protect against data theft or third-party viewing.
Storage separation: Patients’ demographic profiles are stored in a separate location from their health data.
Trust is the cornerstone to effective healthcare, and providing patient data security is a critical means to establish it. With the HIPAA-compliant NCH platform, providers and patients will be able to have complete assurance that PHI is protected and maintains its integrity. NCH encourages its contracted providers to ask questions about the platform’s HIPAA compliance protocols when questions arise. The employees at NCH look forward to fulfilling their PHI protection roles.