How NowRx Is Tightening Data Privacy In The Pandemic-Driven Telehealth Age

The ongoing COVID-19 pandemic has severely impacted the healthcare space, altering routine services such as picking up prescriptions or consulting with physicians. More consumers are making the switch to telehealth services that enable them to speak with healthcare professionals via video chat to prevent the exposure risk that comes with in-person visits to hospitals or doctors’ offices. 

This uptick in online medical interactions is putting increased pressure on healthcare insurers, providers and pharmacies to digitally identify patients swiftly and accurately in a secure manner, according to Cary Breese, CEO of California-based online pharmacy and prescription delivery service NowRx. 

“Digital identification has been a really big topic in the past several years, and we have been watching it closely,” Breese said in a recent PYMNTS interview. “Interestingly, the health industry has actually been ahead of that curve in terms of customer privacy and patient privacy … and as this movement toward more remote interactions in healthcare has continued to expand, now there is even more pressure to identify patients electronically.” 

Digital identification has become critical to healthcare during this time, especially as consumers’ own perceptions of online privacy continue to shift. Providers need to stay aware of how advancing regulations — such as California’s CPPA, the strictest data protection law in the U.S. — as well as consumers’ views on sharing their information may impact virtual healthcare. 

Healthcare And Setting The Privacy Standard

Pharmacies and other healthcare companies may be more used to guarding consumers’ data than other firms that are just now seeing rules like the California Consumer Privacy Act (CCPA) calling their security measures into question. Regulations such as the Health Insurance Portability and Accountability Act (HIPAA) have governed the sharing of personal medical information for decades, and these requirements have not been relaxed throughout the pandemic. Verifying that prescriptions are going to the correct patients in a way that is compliant with privacy regulations is thus a familiar challenge for the healthcare space, Breese explained. 

“Being in the healthcare industry, we have always required certain bits of information from patients,” he said. “If you … remember the last time you went to a doctor, you have got to give them your name and your birth date as well as some other identifying information like the address. … You can actually get remarkably accurate in identifying patients remotely if you have several bits of information, including date of birth, street address [and] names. We have login ID as well, so our app asks for login ID and emails, and with those bits of electronic information, we are able to identify patients securely with a high degree of accuracy.” 

NowRx functions as a traditional pharmacy, but the majority of the experience takes place online, and items are delivered to consumers’ homes rather than picked up at physical stores. This means it is currently exempt from CCPA’s requirements because it is already subject to HIPAA. This may not be the case in the future, however, Breese noted. These two rules could potentially converge, altering medical privacy requirements. 

It is impossible to state whether such a convergence is likely, but data protection developments should be watched closely — not just in the U.S. but also around the world, he said, especially because of the pandemic’s impact. More consumers are tapping telehealth services, and with this comes more interest in the standards that govern their digital information, medical or otherwise. 

“Patients are becoming more aware of that and demanding more security and more knowledge, frankly, about their healthcare information and privacy,” Breese said. “I think it is going to be a huge trend that we will continue to watch over the next several years.” 

This is an especially important trend, as consumers are expecting increased security and data privacy for the most routine online transactions, whether they are picking up prescriptions or making eCommerce purchases. 

Following Healthcare’s Lead 

Regulators are also taking closer looks at consumers’ changing perceptions and desires surrounding online security, and updated data protection standards are beginning to emerge worldwide and within many industries. Companies must be prepared for this new digital era, and U.S. merchants could follow the healthcare sector’s example. 

“I think it is really good for the consumers in California to have such a stringent consumer protection and privacy regulation in place,” Breese said. “I applaud it. … I think it is going to continue; I think more states are going to adopt [similar rules]. I think in all aspects of consumer life, we should have basically the type of privacy that we have in a healthcare setting. … That does set the standard.”

Digital identity verification solutions that can enable companies both inside and outside of the healthcare space to meet those standards are going to be essential, he predicted. Determining that consumers are who they say they are is critical not only for healthcare services and retail but also for routine activities like arranging transportation or picking up groceries. 

“I think this pandemic has really pushed the digital experience for consumers further along into even more mainstream,” Breese said. “The biggest question of today is how much of our old life returns after the pandemic, and I am a believer that a large amount of this movement toward more digital experiences and more convenient, more remote consumer experiences is going to continue and be here for the long haul. But time will tell.” 

Merchants in all industries must keep a close eye on how data privacy perceptions are progressing among consumers and how they can employ digital identification solutions to keep up as regulations continue to shift. Taking cues from the healthcare world may be one way to succeed.