Free Hospital EMR and EHR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to Hospital EMR and EHR for FREE!

The CIO’s Guide to HIPAA Compliant Text Messaging

Yesterday I wrote a piece on EMR and EHR where I talk about why Secure Text Messaging is Better Than SMS. I think it makes a solid case for why every organization should be using some sort of secure text messaging solution. Plus, I do so without trying to use fear of HIPAA violations to make the case.

However, you can certainly make the case for a secure text messaging solution in healthcare based on HIPAA compliance. In fact, the people at Imprivata have essentially made that case really well in their CIO Guide to HIPAA Compliant Text Messaging. This is well worth a read if you’re in a healthcare organization that could be at risk for insecure texting (yes, that’s every organization).

They break down the path to compliance into 3 steps:

  1. Policy – Establish an organizational policy
  2. Product – Identify and appropriate text messaging solution
  3. Practice – Implement and actively managing the text messaging solution.

Texting is a reality in hospitals today and the best solution isn’t suppression, but enabling users with a secure solution. The checklists in the CIO Guide to HIPAA Compliant Text Messaging provide a great foundation for making sure your organization is enabling your users in a HIPAA compliant manner.

January 15, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus.

Hospital Aren’t Supporting Nursing Smartphones

Here’s one more example of where Bring Your Own Device is causing security problems for hospitals. A new report by Spyglass Consulting Group suggests that while most nurse use personal smartphones on the job, few hospital IT departments support these devices.

According to Spyglass, 69 percent of hospitals said that their nurses use personal mobile devices, often to fill in gaps left by the technology the hospital provides for communication. This is no surprise. While there’s an armada of personal nursing devices which allow nurses to communicate with other staffers, smartphones do a better job, as they’re light, boast an easy to use interface and unlike VoWiFi devices, unaffected by local network ups and downs.

It’s worth noting that 25 percent of care providers interviewed by Spyglass weren’t happy with the quality and reliability of the wireless network within their facilities.  That’s further evidence that VoIP devices commonly used for nursing communication aren’t riding on a solid base.

So, nurses are driven to use the smartphones they bring in from home.  Those phones become the basis for mission-critical communications around day-to-day care. But at the risk of repeating myself — OK, I’ve already repeated myself often on this subject — these unsupported, vulnerable devices can be hacked or stolen quite easily. If a phone is left in a public area, not only are nurses deprived of a critical communications channel, the e-mail or texts or voicemails they’ve sent regarding patient care has just walked off as well, offering bunch of private data in the clear. Plus, there are free solutions to this communications, privacy and security problem like docBeat that are much much more functional than what’s on the nurses’ personal devices anyway.

According to the Spyglass researchers, who conducted 100+ interviews with nurses working in acute care, hospital IT personnel are concerned about the increasing dependence of clinicians on personal mobile devices.  But I note that at least in the report summary written up by Healthcare IT News, you don’t hear about a stampede of hospital IT departments rushing to establish support policies and deploy enterprise-class mobile management tools. I must say, I’m not sure what they’re waiting for.

December 11, 2012 I Written By

Anne Zieger is veteran healthcare consultant and analyst with 20 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies.