A colleague asked a very important and common question
“”In talking with a local IT director he asked if there is a security concern with transmitting information via the web instead of phone/fax. Did I misunderstand something in your description of the model for virtual care? I am still learning.”
If there are security concerns about using the internet for video conferencing, secure web conferencing tools, or encrypted collaboration methods, such as we use and encourage…..then there are far greater worries about “data transactions” that occur WITHOUT the people involved seeing, hearing and interacting with other live….such as….putting in a credit card anywhere regardless of the encryption or transmitting records to an EMR etc etc.. or..doing online banking
When one talks on the phone, does one know if anyone else is listening, whether the person on the other end has a speaker phone, and whether anyone or any organization has access to the conversation in real time or later via recording or archive? answer–we have no clue
When one sends a fax that is historically supported by IT because it is a “point to point transmission from one device to another”….does one know whether a digit was entered wrong and it went to a different number? Does one know whether that fax number has been set to auto forward to another fax number on a nother machine or location, etc? NO…and why?
These are traditionally viewed as safe because it is a phone to a phone or a fax to a fax, but in reality, they are not what they need to be for true security/privacy, which is a “identifiable live human being to another identifiable live human being”…. So we substitute for latter with the idea of HIPAA compliant transactions to secured repositories with various access controls, etc
But at the end of the day are you worried about the security of your credit card transaction or are you worried about someone stealing your credit card and then being able to USE it (whether they steal it or not is not the primary issue, it is whether they are able to USE it once it is taken from your person)
What is so interesting about this is that the things we do all day long are touted as “secure” for some rather unsupportable reasons, but “new” methods of communicating seem to be presumed “not secure” even when you look at the basic attributes of those new methods, they are overcoming the fundamental lack of intrinsic personal privacy protection (an attribute the person needs to control anyway) of the existing means of communication.
A purely web based encrypted (as all these methods (vidyo, citrix, webex, google chat, etc are to varying levels) that has individual users identifying themselves, seeing themselves, consenting to each other face to face, recognizing who is on, who is not, deciding what to share, etc……is far, far more protective of personal privacy than the non-personal asynchronous methods of fax/store-forward/emr repository or the non-visual methods of phone calls…..
I think there is alot of mythology out there. But the question is a good and legitimate one. It is worth taking the time to discuss because it is in fact a very fundamental issue that is, in my opinion, holding people up from making major advances in collaboration that could save people lives, time, gas money, and other forms of risk based on inefficient communication.
Radology Techs Graduation June 2008, poem written for their ceremony
Emerging today from the ground level rooms of a hospital micro college
From watch, learn, do..to “I’ll show you”. Less wonderment, more knowledge
Physics, process, communication, documentation, and rules
Patient service, education, mastering digitized tools
They crank up all the GE, Siemens, Phillips and Toshibas
Finding anatomicphysiopath from cartilage to amoebas
The docs in white might sign their names to written diagnoses
But we all know who makes or breaks this magnetic metamorphosis
Meeting demands of specialists, and surgical prima donnas
Data from 2 AM on-site techs to remote radiologists in pajamas
Pixels, voxels, fractionation, decaying isotopes
Avoiding too much radiation, while learning all the ropes
Oh, they also absorb all that billing code stuff, all those work rules and health regulations
Systems for data, results view and orders, time keeping tools for vacations
If our techs have mastered, from device to bedside, all these skills they can take to the bank
Then.. hero or martyr, we will all look much smarter, and we’ll have these new graduates to thank
Andrew Barbash, MD
Neurosciences Program Director
Holy Cross Hospital
Appreciator of the work of the Radiology Techs
June 13, 2008