Guest Column | May 17, 2017

How Secure Messaging Platforms Protect Patient Data, Ensure Compliance, And Foster Collaboration

HITO Galina Datskovsky, Vaporstream

By Galina Datskovsky, CEO of Vaporstream

Patient care requires fast-paced, asynchronous collaboration that ensures quick responses for life-saving decisions. Because text is the most rapidly responded to communication channel utilized today, many healthcare professionals communicate and collaborate via their mobile device. In fact, a recent HIMSS Analytics study reported 70.6 percent of IT professionals, clinicians, C-suite executives, and department heads use smartphones for EHR access, and 76.5 percent access clinical information through smartphone apps. However, according to Lisa Gallagher, vice president of technology solutions for HIMSS, text messaging by clinicians is a major source of protected health information (PHI) leaks and violation of HIPAA privacy and security standards.

To reduce cybersecurity risk, ensure compliance, and improve efficiency, healthcare organizations have started to implement enterprise-wide secure messaging platforms to communicate sensitive information and patient data. These platforms allow employees to leverage the convenience of text messaging without jeopardizing the integrity of patient data or the reputation of the business that could result from a data breach or compliance violation. While larger healthcare systems have started to incorporate secure messaging into their communications, small and midsize organizations, specialty clinics, support groups, and even dentistry should also strongly consider utilizing these platforms as they’re held to the same standards and face the same risks.

Cybersecurity Risks To Patient Information

Healthcare consistently ranks as the number one, most targeted industry for cybercrime which is no surprise given the fact patient data sells for more money than any other information on the black market. Because healthcare organizations have lagged behind in terms of implementing advanced cybersecurity technology — and attackers are becoming ever more sophisticated — cyber threats show no sign of slowing down. In fact, major cyberattacks on U.S. healthcare organizations increased 63 percent in 2016 alone. However, cyber criminals are not just targeting enterprise healthcare systems, as one of the biggest healthcare data breaches of last year affected 882,590 patients of an anesthesiology and pain clinic.

While hospitals may have protection for their computers and systems such as antivirus and firewalls, a new trend in ransomware is targeting mobile devices. According to Kaspersky Labs, between 2014 and the present mobile attacks have almost quadrupled and are expected to be even more popular in 2017. Without a secure messaging platform in place, hospitals and healthcare organizations will remain vulnerable to advances is “smishing” (SMS phishing) and other mobile cyberattacks, as 95 percent of healthcare professionals, physicians, and nurses use their smartphones and tablets for work — whether sanctioned or not.

Unlike SMS text messaging, senders communicating via an advanced secure messaging platform have complete control of the communications, images, and documents they deliver meaning, recipients cannot copy, forward, store or share information received. This denies unintended propagation of sensitive patient data outside of the circle of care. Further, secure messaging platforms can prevent images from being screenshotted and users can shred or expire sent messages at any time from all devices and message servers, providing ultimate control over the conversation and content at all times. Messages can also be set to automatically expire based on corporate policies that establish appropriate timeframes per role.

Stricter HIPAA Standards

Due in part to the increase of cybersecurity risks that threaten the integrity of patient information, HIPAA will be enforcing stricter compliance requirements for small to midsize healthcare businesses this year resulting in higher fines and even jail time for major violations. Hospitals not requiring employees to communicate via secure messaging platforms not only put patient data at risk, but their entire business as employees will continue to use non-compliant messaging channels to communicate sensitive patient information if a secure option is not available.

Secure, ephemeral, and compliant messaging platforms provide a means in which to confidentially collaborate between care giving teams, physicians, specialists, pharmacies, payers, and even the patient, enabling healthcare professionals to utilize text in a HIPAA-compliant manner. What’s more, advanced platforms integrate with leading EHR and scheduling systems to increase efficiency and compliance. Further, a reputable secure messaging provider does not have control or even a copy of users’ data, so patient data is always under the control of the healthcare organization.

By archiving a single instance of text messages into the EHR to ensure complete and comprehensive record, any burden of manual transcribing is essentially eliminated and can, in fact, improve efficiency and decision making for superior patient care.

Efficiency Challenges Prohibiting Collaboration

When caring for patients with changing care needs, nurses often need to locate doctors in-person or via phone to verbally communicate updates which can often result in miscommunications or delayed care. Relying solely on verbal communication hinders workflow, patient care and collaboration should the physician or practitioner not be on call, in surgery or otherwise unavailable — something particularly important during emergency situations. Whereas waiting for a return call can delay treatment, text is an alternative, quick response mechanism in which to share information, images, etc., in order to quickly get direction and orders on how to proceed.

Unlike in-person communication, a geographically-separated doctor can easily collaborate and consult with other doctors or nurses throughout the decision-making process via secure messaging. With the ability to take and share photos real time, healthcare organizations can improve the odds of better patient care and, in some cases, patient survival. Further, secure group chat features create a central source for collaboration and shared decision making among care providers.

In an age of increased innovation, mobility, and security concerns, secure messaging helps organizations improve efficiency and business workflows to expedite response times, improve decision-making, and increase knowledge sharing – all without jeopardizing security or compliance. From admissions, to emergency room staff, to physicians and specialists, to nurses and home healthcare and hospice, to skilled nursing and more; secure messaging helps medical professionals communicate with confidence.

About The Author

Dr. Galina Datskovsky, CRM, FAI and serial entrepreneur is an internationally recognized privacy, compliance, and security expert. Galina is currently the CEO of Vaporstream, a position where she applies her knowledge and strategic guidance in building businesses, product development, and governance policies, as well as cyber security.