In order to reduce costs, improve care coordination and improve patient outcomes, care teams need to stay completely informed about each patient event—for example, when medications have been adjusted, or whether a patient was seen at an emergency department. Too often, this involves a disconnected series of individual phone calls, EHR messages and even faxes—if it happens at all. But the use of secure texting could help change that.
A secure text instantly connects a patient aligned care team, eliminating the lag time of phone calls and e-mail. But a major challenge for health care systems is that employees want to use personal mobile devices at work, a practice known as BYOD, or “bring your own device.” In fact, nearly 89 percent of U.S. health care workers use their personal smartphones for work purposes. However, when it comes to security, 41 percent of health care employees’ personal devices are not password protected, and 53 percent of health care employees access unsecured wireless networks with their smartphones.1 Organizations need procedures consistent with HIPAA standards for secure texting to ensure the confidentiality and availability of electronic protected health information (PHI).
Health care executives should first understand what kinds of mobile and remote devices are operating in their organizations and whether these devices are putting private health information at risk. Next, protecting health information must go beyond telling employees what they can and cannot do. A more effective approach is to use privacy and secure texting platforms that are integrated into the workflow, rather than creating further barriers to adoption.
Secure Text Messaging (STM) is a platform for securely exchanging text and picture messages among mobile devices and office workstations in a manner compliant with HIPAA and HITECH requirements for protecting PHI. Messages (text and pictures) that are sent with a secure text are encrypted while they are transmitted to and from a device or workstation.
Security awareness and training can be one of the most effective ways to prevent security breaches. An organization may want to consider what kinds of security awareness and training its staff should receive associated with the use of mobile devices with PHI. Training could cover topics such as an organization’s mobile device policies and procedures, risks with mobile devices, how to safeguard access to mobile devices and the STM application, proper use of mobile devices in providing health care, and potential penalties should HIPAA be violated.
