By Peter Reilly
After a huge shift to virtual medicine in the midst of the COVID-19 pandemic, it’s clear that there’s no going back.
In one survey released in February, nearly all clinical professionals said they were offering virtual medical services, compared to 27% before the pandemic. Around 80% said the results were as good or better than in-person medicine.
Perhaps most telling: Three out of four said virtual medicine would comprise at least 40% of their business in the future.1
The increased use of virtual care comes with risks practitioners need to address. The main risks are data security and privacy protection and the heightened potential for misdiagnoses.
How virtual care escalates cyber and professional risk
Healthcare is an inviting target for cyber criminals. In the wake of the pandemic, electronic platforms now integrate billing, scheduling, and patient data while also facilitating virtual care — and cybercriminal activity is stepping up accordingly. One expert compared it to “blood in the water” for criminal elements.2
And while the surge in virtual medicine gave clinicians experience in a new way of delivering care, physicians are still trying to determine what they can — and can’t — diagnose properly through virtual medicine. For instance, a patient with cardiovascular disease may be experiencing fluid buildup, but it may not be apparent without a physical exam. Or in dermatological exam where a poor image of a skin growth may hinder proper diagnosis.
Incorrect, delayed or missed diagnoses have always been top medical error — and, worryingly, is also the most common virtual health medical malpractice claim. The most misdiagnosed conditions leading to claims are cancer (25% of all claims), stroke (20%) and infection (20%).3
How to cope with virtual care risk
Cyber insurance has become essential for any medical practice. But ransomware attacks have been known to shutter practices; the policy’s coverage limits may not be sufficient for the cost of an attack. What’s more, cyber insurance premiums have been rising and limits falling — when there’s insurance available.
As a result, healthcare providers need to invest in cybersecurity beyond insurance. Risk mitigation starts with basics like antivirus software, firewalls and regular backups, then moves to higher-level security measures like dual authentication, encryption and virtual private networks (VPNs). Periodic cybersecurity assessments that reveal digital points of vulnerability are also important.
Contractual liability with IT vendors also raises issues: Given the greater dependence on IT vendors, it’s important to know who is indemnifying whom. Healthcare providers should insist on vendors having top cyber protections in place. Another thing that medical practice should determine is if cybersecurity experts regularly and independently audit vendors’ security.
Risks in wrongful diagnosis with virtual care also demands more than having good insurance.
To reduce risks, practitioners must evaluate the limits of virtual care and monitor the outcomes. Effective communications are as important to virtual treatment as in-person. As with any medical practice, virtual medicine needs an appropriate physician-patient relationship and an adequate assessment of a patient’s medical condition, backed by a complete record of his or her medical history.
It’s not just medical professional liability insurance that comes into play with such risks. The provider of the telemedicine platform has exposures for platform failures, making Technology Errors & Omissions (E&O) a critical protection against third-party claims.
HUB International’s team is ready to help your organization respond to the opportunities and risks in the changing healthcare environment.
1Open Minds, "How To Succeed With Post-Pandemic Telehealth: Ten Items For Your Checklist," February 16, 2021.
2Healthcare IT News, “Cybercriminals seek to take advantage of rapid telehealth scale-up,” October 28, 2020.
3Gray, Ritter & Graham, “Medical Errors Made in Telemedicine,” October 2020
