Five Steps to Prepare for Telehealth Data Breach Litigation
As we’ve previously reported, COVID-19 has caused a surge in telehealth and has temporarily reduced the HIPAA Security Rule requirements placed on telehealth service providers. These relaxed Security Rule requirements, while helpful for providers scrambling to provide urgent care and patients needing such care, increase the risk of cybersecurity breaches. When the breaches happen, litigation is sure to follow, so here are five tips to position yourself for a more favorable litigation outcome.
Avoid the Breach
Breaches always have costs, not the least of which include reputational costs and lost business. Don’t let the temporary relaxing of HIPAA Security Rules lull you into settling for second-rate technology vendors. Even if you comply with HHS’ current relaxed requirements, state laws can still be more stringent and patients may still sue you if their information is compromised. Accordingly, use a HIPAA-compliant telehealth service provider who agrees to sign a business associate agreement. For additional guidance on particular cybersecurity steps to follow, see here.
Monitor and Prepare for the Breach
The longer a breach goes undetected, the greater the costs of cleaning it up. Make sure you have...