Telehealth: Develop a post-pandemic roadmap
During the COVID-19 pandemic, healthcare providers quickly implemented telehealth solutions to meet urgent patient needs. Now that we’re starting to get back to a “new normal,” providers need to consider how to develop a robust, long-term telehealth program.
The question is: What role should telehealth play in your organization?
The potential of telehealth goes far beyond the videoconferencing and online chat that are part of many initial telemedicine and telehealth initiatives. As the surge of COVID-19 patients subsides, whether your practice implemented a platform under the pressure and chaos of the pandemic or is just now considering a telehealth strategy, take a step back now to develop a roadmap that aligns your telehealth program with organizational goals and strategies.
The potential of telehealth goes far beyond the videoconferencing and online chat that are part of many initial telemedicine and telehealth initiatives.
Telehealth strategic roadmap
Oftentimes, technology investments tend to be tactical and might not be aligned with the organization’s strategic and business goals. A telehealth roadmap should start with the organization’s strategic goals, such as increased patient engagement, enhanced access to care, better chronic disease management, and improved patient outcomes. If you’ve implemented a telehealth platform during the current health crisis, explore how well you have met both patient and provider demands, such as availability, easy access, and reliability. Does your existing platform have additional functionality that you can use to achieve those goals?
Moving forward, consider how new or enhanced telehealth capabilities could help you move the needle in these strategic areas. For example:
- Would customized online education improve patient satisfaction?
- Would remote monitoring make patients with chronic diseases more engaged?
- Would asynchronous e-visits grow volume by increasing healthcare provider capacity?
Security and privacy concerns must be front and center as you develop the telehealth roadmap and evaluate potential vendors. Although the U.S. Department of Health and Human Services is waiving penalties for HIPAA violations against healthcare providers that serve patients through “everyday communications technologies,” such as Skype and Zoom, during the COVID-19 nationwide public health emergency, the long-term consequences of a breach would be severe. Whatever platform your facility chooses to implement, take steps to make sure patient data is kept secure and private at all times.
Security and privacy concerns must be front and center as you develop the telehealth roadmap and evaluate potential vendors.
The Centers for Medicare & Medicaid Services (CMS) have relaxed many restrictions to promote the use of telehealth, and private insurers also expanded telehealth benefits. It remains to be seen whether telehealth rules will continue to relax or if we will go back to stricter requirements, such as interstate statutes restricting provision of remote care to patients across state lines. Once the pandemic subsides, providers will need to stay apprised of regulatory changes from CMS and all other applicable laws and policies for telehealth.
It remains to be seen whether telehealth rules will continue to relax or if we will go back to stricter requirements.
User experience needs to be a primary consideration in any telehealth program. As healthcare providers are starting to ramp up operations post-crisis, increased network traffic has the potential to overwhelm available bandwidth, leading to issues such as dropped calls and frozen screens. Make sure that your facility is prepared to deliver an optimal experience for providers and patients alike.
Here are some areas that you should pay attention to as you evaluate and select a solution for your telehealth initiative:
- IT infrastructure. Unless your organization has the resources to develop and support a system internally, your virtual telehealth ecosystem will likely rest on a commercially available cloud-hosted platform. This telehealth ecosystem will include a software solution that enables data and communication flow from the patient to the care provider, and is capable of supporting internet-based and mobile communications such as videoconferencing, audioconferencing, email, secure text messaging, and the transmission of telemetry data.
- Telemedicine infrastructure. What other healthcare partners or providers and services should be added to the delivery platform? What is their role, and how will their services be integrated into the care delivery? While real-time provider-to-provider collaboration still is primarily found in emergency departments of critical access hospitals, the potential certainly exists for care providers to partner with, for example, orthopedists, cardiologists, or even physical therapists to collaboratively establish patient care plans and milestones.
- Software. What applications must be supported on the telehealth platform, including mobile devices middleware and applications? Software features that are critical to the success of the program must be clearly identified to ensure that the chosen solution meets the requirements.
- Equipment. What equipment does the patient need for a good and productive telehealth experience? Minimum standards for compatible equipment or devices must be defined, such as compatible phones, tablet devices, and laptops. These devices will need the appropriate operating systems, microphones, webcams, speakers, internet browsers, and internet connection bandwidth.
- Medical devices. What medical devices will be required to be supported by the telehealth platform to deliver remote telehealth services? Will data streaming be required and captured for connected devices such as FitBits, EKG, blood pressure monitors, blood glucose meters, and smart scales? Constant data streaming from devices on a public network increases the likelihood of that data being compromised, as compared with devices that communicate directly to a healthcare provider’s or device manufacturer’s proprietary network.
- Technical resource requirements. What technical expertise is required to deploy the solution? Will you need to hire or train project managers to help ensure smooth and timely implementation? What help desk support will you need to provide? Are specialists needed to support medical devices?
- Cost. Understand the total cost of ownership for the solution, and invest in technology that’s adaptable and scalable to meet your needs. Sometimes a solution with all the bells and whistles might not be the best choice if you’re not planning on implementing those features soon. Keep in mind, technology gets better over time. Solutions often become richer and more robust to meet new market demands and needs. Invest in what you need, not what you want.
- HIPAA compliance. Make sure the chosen software is HIPAA-compliant and that the technology vendor is willing to sign a Business Associate Agreement, including the technology partners that the vendor uses as part of the solution delivery.
Telehealth solutions are, by nature, an integration of disparate parties and environments. Unless proactively addressed, security and privacy concerns can become barriers that prevent patients from embracing and adopting telehealth technologies — or drive them away from your facility entirely.
Unless proactively addressed, security and privacy concerns can become barriers that prevent patients from embracing and adopting telehealth technologies — or drive them away from your facility entirely.
Risks and concerns that should be identified include:
- Safeguards in place from the third-party service or telehealth platform provider.
- Potential vulnerabilities in medical devices and monitoring devices.
- Accuracy of medical diagnostic data collected from remote patient monitoring devices.
- Integration of private information into third-party services, such as billing and payment, marketing, and referrals.
- Potential vulnerabilities in custom application features.
Make sure that your chosen vendor has performed a thorough assessment of end-to-end architecture to determine whether security and privacy vulnerabilities exist and what security controls are required for proper cybersecurity of the telehealth ecosystem and to protect individuals’ privacy. If available, review an independent auditor’s report, such as a HIPAA Security Assessment, SOC 2 Type II, or HITRUST report.
Unlock the potential of telehealth
Telehealth programs hold vast potential to advance new business models, improve patient engagement, expand access to care, improve outcomes, promote healthier lifestyles, and reduce cost. As the COVID-19 curve flattens and operations strive to reach a “new normal,” take a step back to consult your advisors and evaluate how to take advantage of all that telehealth can offer your organization and your patients.