Author: Geraldine Critchley

Lost in Transmission: The Side Effects of Telehealth

Today, telehealth plays an essential role in the modern healthcare system. Especially since the pandemic, it has soared to new heights in physician-patient communication, virtual medical consultation, and remote treatment of minor ailments without endangering others. Now, flexibility and comfort have also become essential drivers for booting up the computer and joining a videoconference room with the GP—no traveling and no time wasted in cramped waiting rooms.

Additionally, telehealth has the potential to improve healthcare access in rural areas, where the density of GPs and medical specialists is much lower than in urban areas and access to local transportation might also be limited.

Despite the physical distance, physicians, therapists, and medical personnel can still diagnose, treat, and counsel their patients as long as the symptoms are not life-threatening. This requires diverse media and digital tools like telehealth platforms, portals, videoconference/chat/instant messaging, software, and (mobile) applications. However, providing and receiving telehealth services are not as simple as they may sound.

Even though patients must consent to collecting, processing, and storing their personal health information (PHI), security breaches and data leaks are still enormous risks in remote healthcare. The more components and parties are added to the environment, the greater the attack surface.

Teleconsultations: The Virtual Appointment

Through teleconsultations – either between physician and patient or between physicians for a second opinion – medical professionals can remotely provide a limited amount of healthcare services in real time. They are particularly suitable for annual check-ups, reviewing test results, diagnoses, treatments, and mental health-related subjects. According to Bitkom, 27 percent of German patients interacted with a physician or therapist at least once through videochat technology. However, the distance entails significant risks.

For example, the limited examination and the potential for connectivity and communication issues make diagnostic errors more likely. Moreover, if the communication channel is not appropriately secured, cyber criminals can intercept the transmission and extract PHI and other sensitive data.

What to do about it

  • For medical personnel and patients: Physicians who want to offer virtual video appointments have to turn to a service provider whose platform follows the requirements defined by the Kassenärztliche Bundesvereinigung and the Spitzenverband Bund der Krankenkassen. At the same time, medical facilities are responsible for educating both patients and employees. Patients need to know that technical and operational failures can happen; employees should participate in security awareness training to learn how to provide remote healthcare services and handle data responsibly. Physicians and patients should access the virtual video appointment through a VPN to ensure the transmission is safe.

  • General note on authentication: In Germany, patients simply show their health insurance card to the camera for authentication purposes—not the safest way, as this visual data could potentially be intercepted. However, physicians have to validate their patients' identities to ensure the integrity of the whole interaction. Multi-factor authentication and digital identity both work as additional—or even better—safeguards.

Wearables and Apps: DIY Monitoring and Treatment

Medical devices, wearables, and digital health applications count as medical products. They mainly serve to continuously aggregate, monitor, and track data. The recorded information is automatically transferred to the attending physician, who assesses it and takes action. Digital health applications (digitale Gesundheitsanwendungen – DiGA) have the same purpose. Doctors and therapists have been officially able to prescribe (reimbursable) DiGA as a mobile treatment for three years. In fact, according to Bitkom, 69 percent of German patients use at least one such app.

Since most medical wearables and applications have networking interfaces and are most likely connected to the Internet to transmit data, network-related risks have to be taken into account. Insufficient device security and unpatched systems also jeopardize patients’ health information.

What to do about it

  • For device manufacturers and app developers: Manufacturers and developers must secure all IT interfaces and consider potential cybersecurity risks in their product design. A security-by-design approach, including practices incorporating security controls from the get-go (DevSecOps), should be essential to the overall development process. DiGA developers must meet additional requirements defined by the Bundesinstitut für Arzneimittel und Medizinprodukte (BfArM). These include a robust architecture resistant to disruptions, outages, and manipulation. Furthermore, they must submit certificates proving their apps comply with GDPR and the technical guideline TR-03161. To further strengthen security, privacy, and integrity, developers must implement a way of authenticating policyholders through their digital identity.

  • For medical personnel and patients: As with every piece of software or every device based on an operating system, medical devices and digital health applications should be updated to the latest version, as patches fix (critical) vulnerabilities. By setting up multi-factor authentication, users can ensure that only they can access their data stored in the cloud or on the local system. Users who cannot validate their identity are excluded by default.

Electronic Health Record: It’s All About Control

After a trial phase in selected model regions, the electronic health record (elektronische Patientenakte – ePA) rolled out to all German residents on April 29. Health insurance companies automatically set up the ePA and send credentials when their policyholders request access. Otherwise, policyholders can still opt out. Under normal circumstances, the ePA holds all relevant healthcare documentation – from diagnoses, medication, and vaccinations to lab results, prescriptions, and electronic sick leave notices. This way, unnecessary duplicate examinations and potential drug interactions can be effectively prevented. By default, this information is available at all times to anyone who has the technical equipment needed to access the telematics infrastructure, as well as both an electronic practice ID (elektronischer Praxisausweis – Security Module Card Type B, SMC-B) and an electronic healthcare profession ID (elektronischer Heilberufsausweis – eHBA). This poses a significant risk.

Not only could any medical personnel look at the information and extract it, but cyber attackers could also compromise the telematics infrastructure and practice management systems, gaining access to PHI.

What to do about it

  • For medical personnel: As previously mentioned, practices and other medical/care facilities must ensure that all systems and devices are up-to-date and appropriately secured. This includes practice management systems as well.

  • For patients: With the ePA, patients retain absolute sovereignty over their PHI. All they have to do is actively manage the access. In their settings, they can determine who can see and edit certain information and when access privileges end.