Telehealth and telemedicine providers take care of patients across broad geographical and culture borders that may lead them cybersecurity risks…

In the global pandemic we are in, there are new and evolving challenges faced by the healthcare industry when it comes to providing healthcare remotely.

Traditional healthcare providers and even start-ups in Asia are offering telemedicine services to bridge the social distancing gap, benefiting the elderly and the ill, especially those in cities without ease of access to healthcare.

However, one area that such health providers may need to consider is the increased exposure to cyberattacks. By going digital, they are exposed to more risks and providing cybercriminals an additional avenue for attack.

Nicholas Tey, Regional Manager, International Financial Lines, Beazley Asia Pacific

From remote medical consultations through to the use of apps and wearable technology to monitor health conditions, the number of telehealth users across Asia had risen sharply in H1 2020, making it an attractive sector to new entrants and investors. Being unfamiliar with the digitals risks of such technology in the midst of heightened cybercriminal focus, are they well-covered by comprehensive insurance policies? CybersecAsia had a chat with Nicholas Tey, Regional Manager for International Financial Lines, Beazley Asia Pacific, to find out more.

CybersecAsia: What are the mistakes that telehealth care providers avoid in the area of privacy and due diligence? How can they avoid committing such mistakes?

Nicholas Tey (NT):  Telehealth’s heavy reliance on technology introduces additional risks compared to those faced by the more-traditional healthcare providers. Some common cybersecurity issues that telehealth providers should be cautious of include diagnostics errors arising from flawed data or a technology failure; loss of sensitive patient data particularly if a third-party provider is engaged; and risk of employees accessing recordings or screenshots of a medical consultation without authorization.

Failure to disclose certain commonly overlooked-information may also arise. This could include a lack of thorough checking of patients’ surrounding hazards during tele-physiotherapy; delayed dispatching of medication; or failure to cater to localized cultural and environmental concerns.

In order to avoid some of the issues listed above, Telemedicine providers should ensure they have proper cybersecurity solutions in place, and outline clear standard operating procedures for healthcare practitioners and employees to follow during telehealth sessions. Having a holistic insurance solution in place that covers a range of risks is recommended to ensure they are adequately protected.

CybersecAsia: Which are the more common risks that patients are exposed to?

NT: Common risks within telehealth include medical malpractice, health implications caused by cyber-related incidents such as a glitch in an application, lower standard of care caused by the failure of technology; and privacy and data security risks, including personal data breaches.

CybersecAsia: Do you foresee the industry of virtual care growing only bigger in the coming years? Even as we have accepted telemedicine as a necessity, should we consider telehealth-related insurance as a must-have?

NT: The telehealth sector has seen strong growth across Asia in recent years. This has only accelerated since the outbreak of COVID-19 as more people seek to access virtual healthcare through both choice and necessity.

Patients are becoming more comfortable with using telehealth care and this behavior is likely to remain after the pandemic, especially given Asia’s aging population and the convenience that telehealth offers. We are also seeing exponential growth with medtech and wearable technology that help monitor or deliver healthcare in the coming years.

Organizations handling medical data and providing tele-medical care face a broad range of business and other risks that cross many traditional insurance product lines. Therefore, it is important they do not end up with a patchwork solution that leads to gaps in coverage and complex claims handling and coordination.

Avoiding potential coverage gaps

With new technologies and business opportunities come new corporate risks that need to be covered with insurance. The range of risks can be so varied that more than one policy may be needed. To ensure that no coverage gaps leave healthcare organizations vulnerable, Beazley is one of the first insurers to launch a program that provides comprehensive insurance protection against risks associated with technology-enabled healthcare and wellness services—all in one modular insurance policy.

Said Tey: “We can only expect that there will be others to follow and provide comprehensive insurance protection for telemedicine companies.