The global health crisis caused by the coronavirus pandemic has pushed millions of healthcare practices to move into the virtual medicine lane. For some, it will be temporary. Others were already doing it and will continue to offer this convenient, forward-thinking option to patients who prefer to have appointments from the comfort of their own surroundings.

Recent weeks have brought a focus on how to roll out telemedicine, how to let your patients know about it and which platforms to use. Let’s look at this topic from another angle. In addition to patients being stuck at home, many healthcare workers (including schedulers, insurance specialists and even practitioners) are working from home, too.

Whether a medical practice is just beginning to dip its toes into the telemedicine pool or is a seasoned expert, there are some important data security measures you must have in place for your patients, your practice, and your workers.

The reality is that millions of Americans are now connecting to their clinicians from a distance. So, IT teams must ensure online discussions and patient details are protected. Mike Chapple, associate teaching professor of IT, analytics and operations at the University of Notre Dame, explains how:

1. Set Clear Boundaries Around Remote Use of Healthcare Tools.

Healthcare providers and their clinical and support teams likely do understand and support the need to protect the confidentiality of patient information, they don’t necessarily know how to execute on it. Your IT team (or person) must provide clear guidance for your team members to use the systems and tools at their disposal in a secure manner.

2. Comply with HIPAA Requirements; Especially Surrounding Remote Work.

Many remote workers, including those in healthcare, are turning to new technologies to help facilitate video conferences, share data and manage projects. Clinicians, however, have to be more careful than some other industries. Tools that work with protected health information (PHI) need to operate within HIPAA’s privacy and security rules.

3. Avoid Use of Employee-Owned Devices.

While it is possible to support interaction with patient records from personal devices, most experts don’t recommend it. It can be difficult for healthcare IT teams to verify that employee-owned devices meet all the needed security requirements — especially when staffers aren’t in the office for a consultation.

Sending pre-configured devices home with team members increases the likelihood that those devices will comply with security policies. They’ll also be easier to support, as IT teams can manage them with the same mobile device management platforms that they use back in the office. Remote work may require some adjustments to that policy, but that’s a far less burdensome and complicated task than attempting to secure personally owned devices.

Ongoing safety precautions due to the COVID-19 pandemic have forced millions of people to embrace this new remote work reality, regardless of their profession. Make sure your practice is equipped and compliant. You can access HIPAA’s privacy and security rules surrounding COVID-19 here.