Health Industry Cybersecurity - Securing Telehealth and Telemedicine

Healthcare and Public Health Sector Coordinating Councils Public Private Partnership:  Health Industry Cybersecurity - Securing Telehealth and Telemedicine 


Health care is increasingly moving to a digital platform. Recent major investments in health information technology, such as electronic health records and health information exchanges, have created enabling digital components that providers and vendors are leveraging for virtual health care services. These services are primarily delivered to those who otherwise cannot get them, such as those who live in America’s most distant rural settings, the elderly, or patients at risk of contracting COVID-19 those who live in America’s most distant rural settings.

Telehealth use has grown exponentially in response to COVID-19. FAIR Health research Computer, Physician Imageindicates 4,347% growth in telehealth claims to private insurers year-over-year, 2019-20.1 As one example, one clinic chain had a 600% growth in telehealth in the first quarter of 2020 compared to the same time period a year before.2 Additionally, Frost & Sullivan projects a 7-fold growth of telehealth by 2025.3 The deployment of more mature analytics, better adherence to cybersecurity and privacy regulations, and the use of data to show return on investment are expected to maintain the drive of this significant telehealth expansion.4

Virtual health care service, such as telehealth, is now one of the fastest-growing areas in health care. The major expansion of telehealth during the pandemic as a vehicle to manage disrupted access is now being supported with long term support for the concept and decisions by the Centers for Medicare and Medicaid Services (CMS) and others to establish clinical reimbursement guidelines. Yet, this rapid expansion of telehealth services by a growing number of private and public providers comes during a time of enhanced cyber assault on the health care sector. These forces create the imperative to address the unique cyber security issues faced by clinicians, patients, and the systems in which they work.

The Health Sector Coordinating Council (HSCC) has developed this white paper, the “Health Industry Cybersecurity – Securing Telehealth and Telemedicine (HIC-STAT)” guide,- for the benefit of health care systems, clinicians, vendors and service providers, and patients. All of these stakeholders share responsibility for ensuring that telehealth services achieve their optimum benefit with minimal risk to the privacy and security of the data, the consultations, and the systems hosting them. View the full report under Key Resources.

4 Id. (Frost Report)


For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

Senior Advisor for Cybersecurity and Risk, AHA

(O) +1 202 626 2272