How confidential is your online work?
Technology and privacy go hand in hand with controversy these days. We have seen the changes of the Tech Giants particularly this year as they respond to the demands that we make for a safer environment online. Though this world is murky, complex and full of unintended consequences, the subject is often discussed from the point of view of technologies, devices and the parameters of the software. The lens that a health and well-being professional must view this debate through is wholly different. It is one of client privacy and the therapeutic relationship, it must at every stage follow the rules and also engender Trust.
In a traditional setting, in a therapy room, the whole process of delivering healthcare and well-being services were built on robust and well-learned processes. There have been careful considerations around privacy, security, culminating in what we have called a ‘safe-space’ over many years. The practitioner, the client, the business needs, and the regulatory body, all sustaining standards that everyone can rely on to be trustworthy and safe. Things have changed now that independent health and well-being services are being delivered online, and in ways that are not always easy to see.
in a therapy room, the whole process of delivering healthcare and well-being services were built on robust and well-learned processes.
The business angle of confidentiality is more widely understood and solved, you are registered with The Information Commissioners Office, operating under GDPR and the Data Protection Act, and know what and how information can be shared. While that still has some challenges, the one thing these policies were not really built for was telehealth as a consumer service, meeting and treating a client online using software and video services. Providing health services online is something that Clinics and healthcare settings have a large policy book to solve and they have a legal services to defend the risk.
For an independent practitioner setting up and maintaining those processes appropriately is a daunting task.
Things have changed now that independent health and well-being services are being delivered online, and in ways that are not always easy to see.
Once you are meeting and treating someone through a video service there are many different types of data flying around. You may know the terminology of ‘Encrypted in Flight’ and ‘at rest’ for example. This is a great reference actually, because if you follow where the data travels, you can then figure out how you can be responsible for it – and you are completely responsible for it. It now travels much further than your clinic/office, if uncontrolled.
If you want to maintain best practice, as well as handle your data responsibilities thoroughly, then things can get expensive. As an example Zoom’s own ‘healthcare compliant’ subscription is $250+ a month. After a recent award of $85m made against them for inaccurate advertising around security trust has been damaged, and they are still on the road of ‘fixing and improving’ the security of their services and certainly do not widely publicise to users their progress. As a bottom line, if they are a US company and if you are not a US Citizen then you do not enjoy the full protection of their data practices and you are exposed to risk that you don’t need to be exposed to. Their services are fine for business purposes or general consumer use. But once the subject is health, we must work harder, exactly as you did in your own therapy rooms.
We know that clear and obvious confidentiality goes a long way towards bringing about trust. Transparency of policy and procedure is at the very heart of a practitioner’s work.
Working online the game changes, and we have now had the time to gain some great insights and consider how we can deliver services online, independently without all the risk for ourselves and our clients.
Practitioners working online are everyday contributing to the quality standards of practice being set. Traditionally a client attending your premises could easily see if you were lax with attitudes to privacy and reassure themselves you were ‘safe’. There were no notes lying around, or indiscreet conversations in the reception area.
- How has that changed with online working?
- What efforts can you go to assure your clients that your systems are as robust as they should be?
- Can you reassure clients that they are as safe with you as they are with any quality provider?
Traditional routes for clients to be referred to practitioners are also a part of the new equation, marketplaces offer easy solutions to prospective clients, with a perfect therapist just a few clicks away; but do not always deal with these requests in a sensitive way. I have recently seen first-hand use of the distressed words of someone looking for help as a recruiting tactic, and it seems less than ethical. So how is the digital health space promoting confidentiality for users? And whose job is it to make people feel safe enough?
Digital behaviour happened, and now digital trust is our next challenge – privacy, security, and services that account for these things. We must be concerned with driving and maintaining the standards that clients expect for their appointments that are no longer booked by telephone, for their sessions that are no longer behind at least 2 closed doors, for their notes that were behind closed doors and then in a locked filing cabinet. Clients trust practitioners to close every door and turn every key.
The future of private practice will always be digital now to some degree,
- Demand for health and wellbeing services has never been higher
- Digital does not need to dilute standards
- Collective working will drive quality
Is technology going to replace therapists? It should not. Its role should be to enable, to support and to monitor both practitioners and clients. Show clients proudly how you use software built for the safety requirements of health and well-being services. Use tools that you can influence, through communities, membership bodies and individual feedback.