9 Things You Need to Know About Amazon's Alexa Healthcare Skills


Last week Amazon unveiled their newest innovation in their push towards entering the healthcare industry with new Alexa Healthcare Skills. Essentially, they announced that specific healthcare entities can create new Alexa healthcare skills, subject to HIPAA.

The announcement also came with six new Alexa healthcare skills from healthcare providers, payors, pharmacy benefit managers, and digital health coaching companies. Specifically, Express Scripts, Cigna Health Today, My Children’s Enhanced Recovery After Surgery (ERAS), Swedish Health Connect, Atrium Health, and Livongo.

So what does this mean for the healthcare industry, the patient experience, and patient privacy?

The Known

Here’s what we know about what the new Alexa Healthcare Skills bring to the healthcare space.

Alexa Healthcare Skills is huge for the patient experience

Amazon announcing HIPAA compliant Alexa Healthcare Skills is a massive innovation to the patient experience. Although other healthcare technologies in the past promised similar enhancements for patients, they were often bottlenecked by via technological learning curves, patient’s inability to use them, or patients refusing to use them. Alexa and similar smart speakers have a very small learning curve since they operate using voice commands.

Beyond basic healthcare Q&A

Prior to this, Alexa’s healthcare knowledge was limited to answering general questions about health conditions, basic treatments, common symptoms, etc.

Now that she can provide HIPAA compliant services to patients, she’ll be able to accomplish healthcare-related tasks such as; answer health-related questions, deliver reminders for medication, facilitate communication with one’s doctor, provide health-related coaching, and more.

More available healthcare options

Many healthcare organizations have been trying to make it as easy as possible to come in for a check-up or visit. This is not only because it has a direct effect on their revenue but also because patients are more likely to visit a doctor and seek care if it is an easy process.

Smart speakers are not only a customer-facing technology that will soon be used in doctor’s offices and operating rooms.

Give peace of mind with elderly family members

Pairing a small learning curve up with current and future additions of various health and wellness-monitoring capabilities makes it easier for elderly patients to receive necessary health information from the comfort of their home. Additionally, family members of these patients will only be one voice command away in case of an emergency.

Save healthcare employees some time

As a large portion of the population continues to grow older, it’s no surprise to hear that we’re anticipating a shortage of nurses. Adding HIPAA compliant smart speakers like Alexa will help alleviate some of the more general, tedious tasks to allow for them to spend it on more meaningful tasks.

The Unknown

Here’s what we don’t know about Alexa Healthcare Skills either because it’s too early to tell or hasn’t been explicitly specified yet.

Enhanced risk for breaches

Any cybersecurity specialist will tell you that the more entry points or devices there are within an internet-of-things environment, the higher the chance of a breach. Patient health information (PHI) is highly sensitive information that is extremely valuable to individuals with malicious intent.

If there is ever a breach due to a smart speaker. It could be hard to determine which company involved in Alexa Healthcare Skills are at fault. Is the burden on Amazon or the healthcare company partner that developed the application?

Patient privacy boundaries

As we all know, Amazon is an e-commerce giant. Theie success is largely due to their logistics, customer service, and ability to recommend products to customers. But what happens when an e-commerce company, whose main goal is to sell consumers products, gets access to healthcare information?

Whether or not Amazon has direct access to PHI has a lot to do with what’s contained within the data agreement between them and their partner.

No formal HIPAA certification process

As it currently stands, there is no formal or official certification process for becoming a HIPAA compliant entity or prove that someone is now HIPAA compliant. Of course, companies must be able to follow specific HIPAA requirements such as the Privacy Rule, Breach Notification Rule, and Security Rule.

However, there is no agency that certifies whether or not a company is actually following HIPAA. There are specifically defined government organizations that can investigate allegations of HIPAA violations; the Office for Civil Rights, Department of Health and Human Services, and the Federal Trade Commission.

Unknown patient reaction and inherent trust

Another unknown is whether or not patients will inherently trust these smart devices to handle their patient information. There are scenario’s where patients do not want others to hear what Alexa has to say about their health, prescriptions, or doctor’s appointments.