Share this article on:
A survey has recently been conducted by Spyglass Consulting Group that indicates nurses are violating HIPAA regulations by using personal Smartphones in hospitals. The survey indicated that 67% of nurses were taking their iPhones and android phones to work and using them, even though 89% of hospitals do not permit the devices to be used at work.
The Spyglass survey indicates that nurses are not being given a pager alternative, as only 4% of hospitals currently reported having a Smartphone system installed for nurses. Furthermore, out of the 53% of hospitals that did have a Bring Your Own Device (BYOD) scheme in place, only 11% included nurses in that scheme. The situation does appear to be improving as more than half of the organizations taking part in the survey claimed to be about to extend coverage to nurses.
The use of mobile phones for hospital communications is forbidden, as the devices are insecure and lack the necessary controls to keep confidential data secure. The sending of any PHI via text message is an immediate HIPAA violation, unless the text is sent via a secure text channel that encrypts the message. HIPAA-compliant secure text messaging is essential, as are policies covering the use of personal devices at work.
The reason for this is not only due to the data security threat, but also the risk of contaminating a sterile environment. Bringing mobile devices from the outside into a sterile hospital carries a high risk also introducing germs.
A Viable Replacement for Pagers is Essential
Nurses are using their Smartphones because the systems in place for hospital communications are outdated, slow and lack the sheer convenience of modern portable devices. According to a recent Ponemon Institute report, pagers are costing the healthcare industry dearly. It estimates that 5.1 billion is wasted each year by clinicians waiting for information to be sent, which corresponds to a shocking 46 per minutes per day. A further $3.2 billion was lost through slow discharge processes.
Nurses are clearly aware that the use of mobile devices is not without risk. 88% claimed to be concerned about HIPAA Security and Privacy Rule violations, yet the devices are still being used even though they may potentially introduce viruses or malware or result in the unauthorized disclosure of healthcare information.
Since hospital procedures are being ignored, healthcare providers must take action. The solution is perhaps not greater policing of mobile phone use, but to rapidly introduce a viable alternative to pagers and to make mobile devices HIPAA-compliant. Introducing a secure text messaging platform is one easy way to ensure that any messages sent are encrypted, protected and do not breach HIPAA Regulations.
However failure to take any action could result in a fine from the Department of Health and Human Services’ Office for Civil Rights, and potential liability in civil claims for privacy violations.