AJMC finds telemedicine privacy gaps

Telemedicine privacy sounds like a software problem. But this study makes a more uncomfortable point — a lot of the risk lives in the room, not just on the screen. Researchers writing in *The American Journal of Managed Care* looked at how patients and primary-care providers experienced telemedicine after the pandemic surge, and what surfaced was a messier reality: remote care creates two physical spaces and one virtual one, and all three can fail in different ways. ### What actually changed with telemedicine? COVID turned telemedicine from a niche option into routine primary care almost overnight, which meant clinics had to improvise platforms, devices, and workflows fast. The AJMC paper, published May 31, 2024, tries to capture what that scramble exposed by using semistructured interviews with people in New York, North Carolina, and Florida. (ajmc.com) ### Who did the researchers talk to? This was a qualitative study, so the point was depth rather than huge sample size. The team interviewed 65 patients and 21 providers from primary-care practices tied to three National Patient-Centered Clinical Research Network sites, then coded the transcripts for privacy and information-security themes. ### Why isn’t this just a HIPAA story? (ajmc.com) Because the problem wasn’t only whether the app was encrypted or compliant. Providers said they initially struggled to find secure, HIPAA-compliant platforms and devices, but patients and clinicians also ran into privacy problems created by telemedicine’s “shared space” — people joining from homes, cars, hallways, or other places that were never designed for confidential care. ### What worried patients most? Patients liked the comfort of doing visits from home. But that comfort had limits. Many did not like seeing clinicians take virtual visits from outside an office setting, which gets at something basic: patients read the provider’s environment as a trust signal. If the clinician appears to be in a noisy or public place, the visit can feel less private and less serious, even if the software itself is technically secure. (ajmc.com) ### What was the problem with familiar apps? Some patients preferred tools they already knew, like FaceTime, because familiarity lowers friction. But familiarity and security are not the same thing. The study shows that patients could want the easiest platform and still worry about whether that platform was appropriate for medical conversations. That tension is basically the telehealth adoption problem in miniature — convenience pulls one way, trust pulls the other. (ajmc.com) ### Why did audio-only visits feel different? Audio-only calls raised a very specific concern: some patients were not sure they could confirm the clinician’s identity. That sounds small, but it matters. In person, identity is obvious. On video, it is usually easy enough. On the phone, the patient may be relying on voice alone while discussing medications, symptoms, or test results. (ajmc.com) ### So what’s the real takeaway? The paper’s most useful idea is that telemedicine privacy depends on physical infrastructure as much as technological safeguards. In plain English, a secure app is not enough if the patient has no private room, the clinician is taking calls outside the office, or the device setup feels improvised. Privacy in telemedicine is part cybersecurity, part architecture, part workflow design. (ajmc.com) ### Why does that matter now? Because telehealth is no longer an emergency workaround. It is part of normal care. If health systems want patients to keep using it — especially for primary care, where trust and continuity matter a lot — they have to treat privacy as an end-to-end experience, not a box checked by the platform vendor. ### Bottom line? This study does not say telemedicine is unsafe. (ajmc.com) It says remote care changes where privacy breaks happen. And once you see that, the fix stops being “buy better software” and starts being “design the whole encounter better.”