onpage logo

HIPAA-compliant messaging - Definition

HIPAA-compliant messaging describes the exchange of text messages containing protected health information (PHI) of patients. Messages containing PHI must follow the mandates of the 1996, 2003 and 2013 HIPAA legislation passed by Congress which requires:

  • the upholding of patient privacy (Health Insurance Portability and Accountability Act of 1996)
  • the use and disclosure of PHI by “covered entities” such as health insurers (2003 Privacy Rule)
  • the increased scrutiny of encryption for PHI messages and the increased fines for noncompliance of up to $1.5million. (2013 Final Omnibus Rule)

Since 2013, HIPAA-compliant messaging has gained importance among healthcare providers. Legislation has further spelled out the conditions under which it is possible to exchange PHI between healthcare professionals, and hospitals have increasingly realized that exchange of PHI via pagers risks HIPAA violation and significant fines. Additionally, by exchanging PHI via pagers, patient information can be accessed by unauthorized third parties and be used to defraud patients and their healthcare providers.

Today healthcare institutions are moving to HIPAA-compliant messaging applications that provide secure messaging and uphold the mandates of HIPAA.

OnPage HIPAA compliant messaging app

HIPAA compliant

How to ensure HIPAA compliant messaging

HIPAA-compliant messaging means that the messaging containing patient information, care instructions or any other relevant patient information must be both secure and encrypted. When hospitals and clinics introduce HIPAA-compliant messaging into their organization, they must maintain reasonable and appropriate administrative, technical and physical safeguards for protecting e-PHI. The Department of Health and Human Services states that organizations must:

  • Ensure the confidentiality, integrity, and availability of all electronic protected health information which is created, received, maintained or transmitted
  • Protect against any reasonably anticipated threats or hazards to the security or integrity of this information
  • Protect against any reasonably anticipated uses or disclosures of patient information
  • Ensure compliance by users of the information

maintain HIPAA compliant messaging

HIPAA compliant messaging for hospitals and clinics

OnPage’s HIPAA-compliant messaging service lets healthcare administrators and providers:

  • Communicate via encrypted and secure text communication with their employees as well as each other
  • Create and manage escalation policies
  • Cut through the noise by bringing critical alerts to the forefront and continuing for up to 8 hours until acknowledged
  • Track messages with SENT, DELIVERED and READ receipts
  • Configure on-call scheduling for multiple individuals without limitation to location
  • Add images and voice attachments to text messages to convey more information, for better decision-making
  • Mute OnPage when they are off duty and do not want to receive alerts
  • Remotely wipe sensitive patient information

HIPAA compliant messaging for hospitals and clinics

Download the 8 HIPAA Compliant Messaging Myths Dispelled eBook

In healthcare, over 68% of security breaches are due to the loss or theft of personal mobile devices. Conventional thinking says that this is the fault of smartphone use but in 8 HIPAA Secure Messaging Myths Dispelled we explore how:

  • Using pagers instead of smartphones hurts the efficiency and security of hospitals
  • Using smartphones in the right way can actually improve patient outcomes and enable them to leave the hospital sooner
  • HIPAA secure messaging can improve healthcare communications by 43%

8 HIPAA Compliant Messaging Myths Dispelled