HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Secure Text Messaging in Hospitals

Secure Text Messaging in Hospitals

Secure Text Messaging in Hospitals

Secure text messaging in hospitals is a cost-effective solution for healthcare organizations to comply with the Health Insurance Portability and Accountability Act (HIPAA). The solution works by maintaining encrypted PHI on a secure server, and allowing medical professionals to access and communicate sensitive patient data via secure messaging apps.

The solution is particularly appropriate for healthcare organizations that have pursued BYOD policies, as the app works across all operating systems and devices, and replicates the speed and convenience of SMS messaging. Indeed, in many organizations in which secure messaging for medical professionals has been implemented, communications have accelerated – with the result that productivity has increased and the standard of patient healthcare has been enhanced.

How Secure Messaging Apps Comply with HIPAA

There are many ways in which secure messaging apps help healthcare organizations to comply with HIPAA. The requirement to log into the apps with a unique username and PIN code ensures compliance with the receipt authentication safeguards while allowing the secure messaging platform to record access to PHI and compile an audit trail of how it is communicated.

The secure messaging apps only allow PHI to be communicated between authorized users, and controls are in place to ensure that PHI cannot be transmitted outside of the organization´s network or saved to a mobile device´s hard drive. Further security features give administrators to ability to remotely retract and delete communications, and an authorized users can be removed from the network if their mobile device is lost or stolen.

Please see the HIPAA Journal Privacy Policy

One of the biggest security concerns related to secure messaging for medical professionals is when mobile devices or computers are left unattended. Medical professionals accustomed to SMS and unsecure messaging services will not be used to logging out of their device at the end of a conversation – potentially giving unauthorized third parties access to PHI. The secure messaging apps have this scenario covered, and they time-out after a period of inactivity to protect the integrity of PHI.

The Benefits of Secure Messaging for Medical Professionals

Some of the security features incorporated into the secure messaging apps have produced benefits which increase productivity and enhance the standard of patient healthcare – most notably the message delivery notifications and read receipts. These two features advise senders that their messages have been received – eliminating phone tag and the need for follow up calls via insecure channels of communication, increasing message accountability and accelerating the flow of communication.

The text-like interface of secure messaging apps means that secure messaging for medical professionals is easy to adapt to and, as the secure messaging apps work in a similar way to other unsecure apps, medical professionals can attach files, images and videos relating to their patients – thereby accelerating diagnoses and the course of treatment that should be administered to a patient. Secure text messaging in hospitals can also be used to transmit prescriptions to pharmacies – reducing wait times for patients and complying with Stage 2 Meaningful Use.

Although difficult to quantify, possibly the most significant benefit of secure text messaging in hospitals is that it fosters collaboration. Collaborative practice has been identified as key to safe, high quality, accessible, patient-centered care; and secure messaging for medical professionals enables departments to collaborate securely on issues such as admissions, emergency-room hand-offs, diagnoses, discharges and rehabilitation. One study calculated that discharge times could be reduced by 50% when conducted by secure text messaging in hospitals – saving each healthcare facility an average of $557,253 per year.

HIPAA Secure Texting Case Study

To illustrate the benefits of secure text messaging in hospitals, we present a case study taken from the pages of TigerText.com – the world´s largest supplier of secure messaging solutions. TigerText has been implemented at more than 5,000 medical facilities to help healthcare organizations comply with the HIPAA regulations, and at the Houston Fertility Institute in Texas, secure messaging for medical professionals resulted in:

  • A 20% Improvement in Scheduling – scheduling conflicts were resolved through secure texting, minimizing miscommunication of patient information between doctors and nurses.
  • A 15% Increase in Patients – With the scheduling issues resolved, staff at the Institute were able to attend to more patients and deliver a higher standard of patient healthcare
  • An 80% Reduction in Emails and Phone Tag – The accelerated communication between departments was complimented by the ability to upload PHI onto the secure server and distribute patient information – quickly, accurately and securely.

This is just one example of many in which secure text messaging for hospitals – when used as a priority channel of secure communication – has resulted in increased productivity and enhanced the standard of patient healthcare. The Medical Director at the Houston Fertility Institute commented: “TigerText is a lifesaver. We were able to simplify communications without losing any data. It helped optimize our follow-up process, relying on TigerText for all responses.”

Policies for Secure Text Messaging in Hospitals

Such has been the success of BYOD policies, more than 80% of medical professionals now use a personal mobile device in the workplace. Consequently it is essential that healthcare organizations introduce policies for secure text messaging in hospitals in order that medical professionals are aware of the circumstances in which secure messaging apps should be used to communicate PHI.

A policy administrator should be assigned to develop and implement policies to ensure the appropriate usage of the secure text messaging solution, and the sanctions that will be applied if a staff member is found to be responsible for a breach of PHI. Policies should be reviewed frequently – and amended as necessary – to account for changes in work practices, technological advances and further regulation which affects secure text messaging in hospitals.

The penalties for a breach of PHI can run into millions of dollars, and if a healthcare organization has not implemented a mechanism to support secure messaging for medical professionals – and policies for secure text messaging in hospitals – it could prove to be a very false economy!