Telemedicine for Otolaryngology

Telemedicine for Otolaryngology

John Kokesh

Chris Patricoski

Stewart A. Ferguson

Telemedicine utilizes technology to enhance communication and provide services over a distance. In this way, “telemedicine” represents an evolution in health care that has adopted the technologies and communication infrastructure now available in society. The telephone and fax machine were the earliest telecommunication tools used in clinical practice, and are now so ubiquitous that we can hardly imagine medicine without them.

With the rapid advances in technology and telecommunications, and perhaps more importantly, widespread societal acceptance of technology, a new generation will redefine how medicine is practiced in the future. “Telemedicine” will likely become an antiquated term requiring redefinition, no longer describing a niche area in certain medical specialties but rather a methodology by which modern information transfer is used to improve the practice of medicine.

This chapter examines the current telemedicine technologies and present applications of telemedicine in otolaryngology. While telemedicine has grown significantly in the last 10 years, there is a need for further adoption throughout the United States. The realization that improvements are needed in access for care, costs of care delivery, and availability of medical specialists will likely help remove some of the barriers that have thus far thwarted widespread innovation and adoption of telemedicine in otolaryngology. The nature of the specialty, with well-developed and extensive use of endoscopy, microscopy, photographic imaging, and physiologic data, makes otolaryngology a potential beneficiary of an expanded role for telemedicine in the future practice of medicine.


Telemedicine is no different from other forms of clinical care in regard to the applicability of regulations governing privacy and security. The use and disclosure of an individuals’ health information (protected health information [PHI]) by providers and organizations are subject to national standards and regulations—regardless of the care delivery model. Most notable among these are the so-called HIPAA Privacy and Security Rules and the more recent HITECH Act:

  • The Standards for Privacy of Individually Identifiable Health Information (Privacy Rule) was issued by the US Department of Health and Human Services in 2000 to implement the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Privacy Rule standards address the use and disclosure of individuals’ health information called “protected health information” by organizations subject to the Privacy Rule (covered entities) as well as standards for individuals’ privacy rights to understand and control how their health information is used.

  • HIPAA also mandated the creation of national standards for the security of electronic health care information, which were then released in the final “HIPAA Security Rule” in 2003. This final rule specified a range of administrative, technical, and physical security procedures for covered entities to use to for electronic protected health information (ePHI); the standards were delineated into either required or addressable (optional) implementation specifications.

  • More recently, the Health Information Technology for Economic and Clinical Health Act (HITECH Act) was passed as part of the American Recovery and Reinvestment Act of 2009 (ARRA). Because HITECH contains incentives designed to accelerate the adoption of electronic health record (EHR) systems and potentially generate a massive growth in the exchange of ePHI, the HITECH Act further broadened the scope of privacy and security protections established under HIPAA.

A good “rule of thumb” is to recognize that a telehealth system should be treated no different than an EHR system in regard to privacy and security. Telehealth systems are designed to capture, transmit, store, and display ePHI— as are EHR systems. Many telehealth systems interface to EHRs and share information in a back-and-forth manner to provide a more complete view of the patient record. Telehealth systems sometimes contain information that is potentially “more identifiable” of the patient as they may contain images of the patients face or other body parts.

It is not possible to provide a thorough review of the HIPAA and HITECH regulations as they apply to telehealth systems, but the following features are recommended in any telehealth system to maximize the ability to comply with HIPPA and HITECH. While the general concepts apply to VTC, S&F, and RPM, the remainder of this section uses S&F telehealth as an example for how these standards and regulations may apply.

  • All data should be encrypted “at rest” and during “transport.” Data flow (i.e., “transport”) in a telehealth system from a computer (or system) in the patient exam room to other systems where remote providers (or specialists) can view the data. Data may stay on a server (at rest) or a desktop PC for hours or days until a provider can view that data. Data that are encrypted are not “readable” or “viewable” without the right key to “decrypt” the data. This prevents unauthorized users from accessing the data and provides a significant level of privacy and security protection. While some organizations elect to not encrypt data flowing within their private network, telehealth services are becoming much more common between organizations with data flowing outside of organizational networks and potentially across Internet links, further accentuating the need to encrypt the data.

  • Access to data through a browser—such as Internet Explorer or Safari—should rely on an encrypted connection (e.g., “https” instead of “http”). When this access
    occurs across the Internet or outside of an organization’s trusted network, the Web site should provide “https” connectivity using a security certificate from a trusted organization—thereby allowing users to have greater trust in the web server’s authenticity.

  • Systems that require data to move between organizations or across nonsecure networks should include a mechanism to make sure the data do not change (data validation) and a mechanism to verify the site or provider that originated the data (nonrepudiation). This is usually accomplished through electronic signatures and “hash” algorithms.

  • The telehealth system should integrate with the user authentication mechanism used by the organization, so the user account can be managed through a central mechanism and password policies can be enforced (e.g., regular changes, minimum password length, and complexity).

  • All major user activities should be tracked within the telehealth system through an audit mechanism. As a minimum, all successful and unsuccessful log-in attempts should be logged as well as any changes that impact patient data.

  • Users should have sufficient access for their needs, but no more. Role-based security is an excellent mechanism whereby users are assigned to various roles (e.g., consultant, trainer, clinical administrator) that define their access to telehealth data and functionality. Time-outs should be employed to limit access to data should a provider leave a workstation prior to logging out.

  • Recognizing that not all telehealth cases are necessarily equal, the telehealth system should provide a mechanism to indicate when a case is “sensitive” or requires tighter security than other cases. Such cases might include abuse cases, mental health cases, or HIV/AIDS cases.

  • Similar to EHR systems, telehealth equipment (workstations, servers, medical devices) can all contain ePHI and as such need to be physically secured to prevent loss of data due to theft or unauthorized access.

  • The telehealth system needs to be managed and protected similar to an EHR system. This would include, for example, accepting updates only when tested and provided by a reputable source, backing up data and providing for disaster recovery efforts, active defenses against viruses and other malware, and protecting equipment against loss of power or intermittent power surges.

It is not uncommon to find providers that rely on e-mail as a simple telehealth solution—allowing for the exchange of images and basic textual information about a patient. This should raise significant concern based on the proceeding information, as an e-mail system is often not considered a secure system by most organizations and will limit or impede and organization’s ability to achieve HIPAA compliance.


Telemedicine has been used in the field of otolaryngology since the early 1990s. Use has occurred primarily in those situations where there was a remote, isolated population to serve; a shortage or lack of availability of otolaryngologist; or, more recently, backlogs of patients needing otolaryngology care inadequately addressed by the existing delivery system. Applications have been partially driven by available technologies and their cost, and the spectrum of clinical services that can be delivered at a distance has increased with advances in technology and communication infrastructure. Finally, most of the usage and research in the use of telemedicine in otolaryngology has occurred in those settings where the financial and regulatory barriers that have limited the widespread use of telemedicine in the United States are less formidable and where telemedicine programs have been designed to meet a specific clinical or population need. Examples include programs run through the United States Department of Defense and the United States Public Health Service as well as programs in countries with national health plans.

Otology and Neurotology

The ability to obtain and transmit diagnostic quality images of the tympanic membrane and middle ear has been well established. Pedersen, in pioneering work done in Norway, showed that a video otoscope coupled to a VTC network could be used to allow a remotely located otolaryngologist to direct patient examinations and establish diagnoses and treatment plans. This resulted in improved access for otolaryngology care as well as reduced cost for care delivery to isolated populations (14). Additional work using this methodology has verified that high-quality images can be routinely obtained with the video endoscope, even in pediatric populations (15). Still images of tympanic membrane obtained by a video otoscope and accompanied by audiologic and tympanometric data and transmitted using S&F technology were used to deliver otology consultations to patients in remote areas of Western Australia (16). Exam findings and diagnoses based on S&F examination using digital images from a video otoscope for children with previously placed tympanostomy tubes were found to correlate highly with those established by in-person encounters with otolaryngologists using binocular operating microscopes (17). S&F telemedicine using tympanic membrane images, clinical histories, and audiologic data has been shown to allow for accurate planning for chronic ear surgery (18).

This work has demonstrated that telemedicine, whether VTC or S&F, is a useful tool for delivering otology care. As diagnosis depends to a great degree on the physical characteristics of the tympanic membrane, image quality is critically important. Images must be in focus, adequately
illuminated, and free of obstruction. A high-performing video otoscope proves to be a worthwhile investment, and training must be provided to those acquiring the images to ensure consistent high quality. While most video otoscopes do allow for insufflation, and tympanic membrane mobility can be assessed if VTC is used, the addition of tympanometric data has generally found to be a useful adjunct to images. When “packaged” with digitized clinical histories and audiograms, an otology “case” can be created that can be reviewed by the otolaryngologist and in most cases lead to an accurate diagnosis and treatment plan (Fig. 205.2). When used over an S&F platform and coupled with clinical guidelines and standards for the information required by the consultant, telemedicine can become an extraordinarily efficient way to diagnosis, triage, and offer treatment advice for otologic disease.

Figure 205.2 Typical otology case in AFHCAN tConsult software. Case includes images, audiogram, tympanogram, and clinical history.

Only gold members can continue reading. Log In or Register to continue

Stay updated, free articles. Join our Telegram channel

May 24, 2016 | Posted by in OTOLARYNGOLOGY | Comments Off on Telemedicine for Otolaryngology

Full access? Get Clinical Tree

Get Clinical Tree app for offline access