Guest Column | August 16, 2018

Mobile Messaging In Healthcare: 5 Myths Debunked

By Michael Senter, DocbookMD

HIPAA Text Messaging

The digital world is constantly evolving and healthcare technology is no different. With reports of some hospital doctors visiting up to 50 patients a day, clinicians are busier than ever. As a result, mobile messaging has become a popular way of communicating within healthcare organizations, as it offers a quick, accessible, and familiar solution that anyone with access to a smartphone can utilize.

But not all mobile messaging apps are created equal - or with HIPAA compliance in mind. By using mainstream messaging platforms such as Whatsapp, Facebook Messenger, or iMessage, healthcare professionals may be jeopardizing their patients’ privacy and putting their organization at a risk of a data breach, which can lead to significant fines and long-lasting reputational damage.

This considered, anyone considering using a mobile messaging solution in a clinical environment may first want to consider these five common myths.

Myth 1. Most Consumer Messaging Apps Are Secure

According to a report released by ‘A Spyglass Consulting Group’, 96 percent of medical physicians claim to use consumer text messaging apps to communicate patient information, with 30 percent admitting to having received PHI from other clinicians through similar platforms.

Consumer messaging apps offer a highly convenient option for healthcare professionals who are looking for a quick and accessible way to coordinate patient care plans with other clinicians, however, as they are not designed for this purpose they can pose a serious risk to the security of PHI.

Another reason consumer messaging apps are unsuitable for communicating PHI is that they are open to human error, for example, a message containing PHI could accidentally be sent to the wrong recipient causing an illegal breach of confidentiality.

Myth 2. Encryption = HIPAA Compliance

As Whatsapp provides end-to-end encryption on all messages sent via its messaging app, many believe it is a secure network through which to share confidential information.

While encryption protects messages from being intercepted during transit, once the message has been received, it is simply saved to the recipient’s device and not in a secure virtual location such as a password-protecting file or secure server. As a result, if the device is lost or stolen, this could result in unauthorized persons gaining access to unsecured ePHI, causing a breach of information.

Similarly, if a medical staff member resigns or is dismissed from an organization for any reason, and if they have been using a consumer messaging app on their mobile device to exchange sensitive information with other clinicians, they are likely to still have PHI contained within the message history on their phone. As a result, they may have access to PHI even though they are no longer authorized to do so.

Myth 3. Mobile Messaging Is No Replacement For Pagers

Pagers may seem like an antiquated piece of kit, yet remain a key method of communication in around 85 percent of US hospitals today.

Possibly the most obvious drawback is that pagers only facilitate one-way communication, meaning healthcare professionals have to use their phone to respond to pages anyway. This can cause unnecessary delays in communication chains, and when you’re dealing with a patient in a critical condition, this is in no way ideal. While they have a much longer battery life, pagers carry the same risk that comes with any mobile communication device; they can easily be lost or misplaced, resulting in an unauthorized individual gaining access to sensitive information instead of the intended clinician.

Overall, speed of response, user verification, and two-way communication are just a few of the reasons secure mobile messaging solutions are better suited to modern healthcare, when compared with traditional pagers.

Myth 4. Mobile Messaging Is Expensive

The majority of secure mobile messaging providers offer a range of flexible packages to suit businesses of all shapes and sizes. Many providers charge per user rather than a flat monthly rate, therefore making secure messaging more financially accessible to smaller organizations with limited budgets. Similarly, the familiar format of a mobile app makes implementing a new mobile messaging platform cost effective, as expenses usually associated with internal training programs are significantly reduced.

It’s estimated that each pager costs an average of $8-9 per month to run and maintain. Multiply this by the number of staff in an organization that use them, and this is a hefty expense for an outdated and largely impractical piece of equipment that is already being supported by the use of smartphones for client communication too.

What’s important to consider is that by gradually eliminating all pagers and investing in a secure mobile messaging solution, organizations can offer invaluable protection against a HIPAA breach which typically carry colossal fines and long-lasting reputational damage; that’s something you can’t put a price on.

Myth 5. Mobile Messaging Doesn't Actually Benefit Healthcare Outcomes

Investing in modern communication technology is about more than just keeping up with the times; recent research suggests that the use of instant messaging between health professionals to coordinate treatment can significantly improve healthcare outcomes for their patients.

Over the space of a year, two Pennsylvania hospitals performed a study, investigating how the use of secure text-messaging services by medical professionals effects patients’ recovery time. The study revealed that patients’ average length of stay was 14 percent lower in an environment where care coordination was handled via mobile messaging, when compared to care teams who were still communicating with each other through pagers.

In response to a separate survey conducted by InCrowd, 88 percent of nurses admitted to using their smartphone apps in their daily nursing work. Reasons for the use of their smartphone included staying in touch with hospital colleagues, and having faster access to patient care information. Some nurses also expressed how the business of the hospital can mean it is quicker to use a smartphone to get information on potential diagnoses rather than wait for a doctor or second medical opinion to become available.

These findings strongly support the argument that implementing a secure mobile messaging platform will enable medical staff within an organization to coordinate patient healthcare more efficiently and effectively whilst minimizing the risk of a PHI breach occurring.

About The Author

Michael Senter is CEO of DocbookMD , joining the company in March of 2015. He has over 15 years of experience providing solutions to highly regulated industries, including healthcare. Most recently, Michael has been focusing on the unique challenge of IT security in healthcare organizations.