Why Zoom is Not the Right Telemedicine Tool for Your Clinic

When the pandemic hit, Zoom calls became part of our everyday life and did a great job helping people keep in touch. We have come to love Zoom for its easy-to-use video conferencing, group calls, webinars, and online events. However, when it comes to using Zoom for telehealth, there are a lot of downsides. Zoom’s video conferencing tool is not enough to set up quality telemedicine appointments.

Telemedicine services require a full-featured, comprehensive system to cover each stage of the patient’s virtual care experience — from intake to post-visit treatment. Your telemedicine software should include but shouldn't be limited to:

• audio and video connection 
• pre-visit triage, scheduling, and booking
• billing and follow-up activities 
• client and team management
• secure intake forms
• automated appointment reminders and confirmations

If you are weighing telemedicine options and are unsure what platform will best suit your remote medical practice needs, we can help find the right telemedicine platform for your healthcare business. But first…

Can Zoom be used for telehealth?

Zoom has many issues concerning privacy. Since telemedicine is about transmitting sensitive patient health information, mainly via video, healthcare providers should be ethically and legally responsible for patient data security. What exactly is wrong with Zoom’s basic plan? 

#1 Zoom meeting recordings can easily be found and exposed 

Researchers have found thousands of private Zoom recordings online. According to Patrick Jackson, a former NSA researcher, Zoom videos could be found through a cloud storage search. Many were also easily found in Amazon Web Services (AWSs) with no password protection. This is probably because Zoom's naming is uniform and therefore easier to guess. 

Almost 15,000 separate recordings were left exposed, many of them including confidential information. These videos varied from educational classes to business calls and medical appointments. 

As long as Zoom users are allowed to save personal recordings in their preferred cloud service without password protection, Zoom is not a safe option to store and share sensitive patient health information.

#2 Zoom account information can be compromised and easily hacked

With the COVID-19 pandemic, Zoom use skyrocketed from 10 million users in December 2019 to over 300 million by April 2020, exposing many privacy and security issues. 

Many users have dealt with data leakages due to a “Company Directory” feature. The Company Directory automatically pools users with identical domain names together. Ideally, the feature should help people quickly find colleagues from the same organization. However, thousands complained that random users were added to their contact list, exposing their personal emails.

The possibility of personal data, such as email addresses, profiles, medical files, and images being compromised makes Zoom unfit for telemedicine.

#3 Uninvited guests might join Zoom meetings

As the popularity of Zoom meetings skyrocketed, "Zoom bombing" cases started to occur across the world. The term means hackers can access a Zoom call and join the session anytime, disrupting the messaging between participants or displaying something offensive, like inappropriate content or images, on the participants’ screens. These disruptions are unacceptable during patient-physician communication. 

#4 Zoom One lacks the required features for a seamless patient experience

Using Zoom One for telemedicine visits may waste time because physicians may need to use additional tools to create intake forms or legal agreements and send the forms to patients by email.

Without pre-visit triage, healthcare providers cannot collect and effectively analyze existing and new patient data. The same goes for automated patient feedback forms sent after the appointment. Feedback forms are necessary for clinicians to acquire the full picture of a patient’s health and to improve the quality of future telemedicine visits.

What should you look for in a telehealth solution?

When providing healthcare remotely, patients' security and well-being must come first. With that in mind, before looking for a telemedicine software solution that is easy to navigate and use, look for reliable and secure software. Look for the following qualities:

1. HIPAA compliance 

Privacy is one of the most essential concerns of a patient's remote care experience. Disclosing protected health information (PHI) can harm a patient's safety and overall well-being and put your clinic's reputation at risk. 

Complying with HIPAA guidelines is essential when offering virtual care services and communicating with a patient remotely.

The telemedicine platform you choose must be HIPAA-compliant, which signifies that:

• only authorized users can access ePHI
• all transmitted data is encrypted
• data stored in the cloud cannot ever be available outside the system
• ePHI is integrated and kept protected

To comply with HIPAA rules, healthcare providers cannot use insecure communication channels, such as Skype or Zoom One for telehealth visits. 

2. Security and safety

Clinics should look for secure and compliant data encryption embedded in the telemedicine software. By using encryption to safeguard ePHI, healthcare facilities can minimize the risks of a patient data breach. 

You can ask a potential telemedicine vendor these questions to learn more about security: 

• what is the encryption standard for patient health information in transit and storage?
• are there policies and procedures outlining documentation of ePHI?
• what is the procedure in case of a breach?

To truly ensure patient information security, you must regularly review your security protocols, update policies and procedures, and upgrade your software and security solutions.

Clinics should ask their telemedicine vendor for access control implementation measures. Access control measures and policies for digital information systems to protect patient medical information and ensure access to only those who are authorized.

For example, an access control measure could be providing the authorized person with a unique user identification to log in and keeping automatic log-out systems on their devices.

3. Ease of use 

Technology should ease and improve the patient telemedicine experience, not make it more complex and confusing. Your chosen telemedicine software should enable clear communication between patients and healthcare providers. Your telemedicine platform should be simple, intuitive in its design, reliable, and easy to install and update.

4. Customer support

No matter how reliable your software is, problems requiring a specialists' assistance may occur. Ensure your chosen telemedicine provider has a reliable and responsive customer support team to help you when necessary and quickly address any accidents or disruptions.

Ask your vendor the following questions:

• is technical support available for patients, healthcare providers, and clinical staff?
• how is customer support provided — via email, live chat, or phone?
• what are the support team's working hours?
• do you have to pay extra for customer support services?

Conclusion

If you decide to use telemedicine in your healthcare practice, to provide a long-term successful virtual care experience, you should ensure the confidentiality and integrity of patient data.

Zoom One may be a convenient option for flexible video calls, but using Zoom for telehealth is unsuitable.

Of course, no software is fully immutable to security threats, but you can reduce the risk almost to zero if you choose a reliable, HIPAA-compliant telemedicine solution for your clinic.