What You Need to Know About Secure Mobile Messaging in Healthcare

By Michael Senter | Published 5/3/2018 0

Doctor on ward using cell phone 1500 x 1000

Modern workforces are becoming increasingly connected to a world of digital information. With 77% of Americans now owning a smartphone, it’s never been easier to create, access, and share information online; from anywhere, at any time.

Given the widespread adoption of smartphones more generally, it should come as little surprise that the healthcare industry is becoming more and more reliant on mobile devices. One recent study revealed that four in five physicians (81%) use smartphones at work, while another study showed 88% of nurses are utilizing mobile to aid their daily tasks, including accessing clinical data and communicating with other staff at a medical facility.

 The increased adoption of mobile technology in healthcare is facilitating a shift in everyday workflows amongst healthcare professionals, and mobile messaging, in particular, is leading the charge in this transformation. A HIMSS Analytics survey of clinicians, clinical informaticists, and IT professionals found that secure messaging was the main driver in clinical communication selections. Users are seeking solutions that are not only HIPAA-secure but can also provide workflow and communication capabilities within a single, unified application.


Streamlining clinical workflows and patient care

Unlike pagers, which provide one-way communication, mobile messaging allows for two-way or group messaging, which helps accelerate workflows and enhance team collaboration. In turn, this improves efficiency, reduces wait times between requests, and significantly reduces the chances of a message not being seen by the intended recipient.

Consequently, patient health outcomes have been proven to improve through the use of mobile messaging. A study of two Pennsylvanian hospitals in 2016 found that care teams that communicated via secure mobile messaging were able to significantly reduce their patients’ length-of-stay, compared to those using pagers. Over the course of one year, researchers found that patients whose providers used secure mobile messaging were discharged 0.77 days sooner, equivalent to a 14% reduction in stay.

Mobile messaging also has the potential to improve communication between caregivers and their patients – enhancing patient care, reducing missed appointments, and improving relationships. However, even when communicating with existing patients, the HIPAA rules still exist, and therefore any sensitive data must be transmitted through secure channels. Plus, in order to meet HIPAA requirements, patients must first opt-in to any mobile messaging communications.


Minimizing errors

According to the Joint Commission, the not-for-profit organization responsible accrediting and certifying more than 21,000 healthcare organizations and programs in the United States, an estimated 80% of all medical mistakes are due to miscommunication between caregivers. Communication within healthcare organizations can be disjointed and complex, with archaic systems and inadequate hand-off procedures largely to blame; a seemingly quick exchange of information typically has to relay through several parties and at any of those points, a message can easily become distorted.

Real-time alerts and audit trails offered as part of secure mobile messaging solution help solve this problem, and ensure critical alerts don’t get missed.

Before getting started

The accessibility, scalability, and familiarity of mobile messaging as a service makes it a viable solution for care teams across the entire healthcare spectrum, inducing physician practices, hospitals, home health agencies, and everything in between. However, not all secure mobile messaging platforms are created equal, so finding a suitable solution is not always easy. By asking potential vendors a number of questions, organizations can make more informed decisions during the selection process. These questions should include:

  1. Is the solution truly HIPAA Compliant?

A HIPAA-secure mobile messaging provider will be able to provide assurances in the following key areas:

  • Administrative safeguards – A data termination procedure must exist, so PHI (Protected Health Information) can be quickly removed from the device. The application should also possess a remote wipe or shutdown functionality, to minimize data being exposed should a device be misplaced.
  • Physical safeguards – The application should be secured via PIN lock and strong multi-factor authentication.
  • Technical safeguards – PHI must be encrypted to the highest security standards throughout its entire lifecycle.
  • Redundancy – In order for an app to be HIPAA-secure, it must have data back-up procedures and a disaster recovery plan to protect PHI in the event of a device being lost or stolen.

The HIPAA rules also generally require that covered entities enter into Business Associate Agreements with their vendors (business associates) to ensure PHI is adequately safeguarded at all times. Failing to execute such a contract can be detrimental to both covered entities and their business associates, with OCR prepared to distribute serious penalties for noncompliance. If a vendor won’t sign a Business Associate Agreement, covered entities have every reason to question their security and privacy credentials.

  1. Can we integrate the secure messaging solution with existing applications?

In an effort to further streamline clinical workflows, organizations may look to integrate a secure mobile messaging application with existing tools and services, such as scheduling platforms, EHRs, and call centers. Integrating with a call answering service, for example, can help create a culture of more efficient patient care by providing instant connections to incoming calls, voicemail messages, and patient updates.

 Is there a desktop version available?

Mobile may be the dominant force in most modern healthcare environments, but providers still need services that communicate across both desktop and mobile platforms. Therefore, providers should seek a solution that offers applications for desktop, as well as iOS, and Android devices.


The bottom line

Secure mobile messaging in healthcare settings can be an effective way to improve care coordination and communication, but like any form of communication, it is not totally risk-free. Before rolling out secure mobile messaging throughout an organization, those responsible for managing its implementation must first establish workplace policies that clearly define best practices, potential risks, and user responsibilities. These policies should be reviewed regularly, and staff should be trained to reflect any changes in procedure. Most importantly, organizations need to ensure the solution they are considering is not just secure, but is HIPAA-secure – there’s a big difference, and failing to employ a service that has a proven track record in keeping PHI secure, could be a costly mistake.

Michael Senter

Michael Senter is the CEO of DocbookMD, a company that provides care teams with HIPAA-secure messaging and real-time alerts to streamline communication, accelerate workflows and enhance team collaboration. Michael joined DocbookMD in March of 2015. He has over 15 years of experience providing solutions to highly regulated industries, including healthcare. Most recently, Michael has been focusing on the unique challenge of IT security in healthcare organizations.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Comment will held for moderation