OnPage – HIPAA compliant messaging
HIPAA compliant messaging - Definition
HIPAA-compliant messaging describes the exchange of text messages containing protected health information (PHI) of patients. Messages containing PHI must follow the mandates of the 1996, 2003 and 2013 HIPAA legislation passed by Congress which requires:
- the upholding of patient privacy (Health Insurance Portability and Accountability Act of 1996)
- the use and disclosure of PHI by “covered entities” such as health insurers (2003 Privacy Rule)
- the increased scrutiny of encryption for PHI messages and the increased fines for noncompliance of up to $1.5million. (2013 Final Omnibus Rule)
Since 2013, HIPAA compliant messaging has gained importance among healthcare providers as legislation has since spelled out the conditions under which it was possible to exchange PHI between healthcare professionals. Since that time, hospitals have increasingly realized that exchange of PHI via pagers risks a HIPAA violation and a significant fine. Additionally, by exchanging PHI via pagers, the patient information can be accessed by unauthorized third parties and be used to defraud patients and their healthcare providers.
Today, healthcare institutions are moving to HIPAA-compliant messaging applications that provide secure messaging and uphold the mandates of HIPAA.
How do you maintain HIPAA-compliant messaging?
HIPAA compliant messaging means that the messaging containing patient information, care instructions or any other relevant patient information must be both secure and encrypted. When hospitals and clinics introduce HIPAA compliant messaging into their organization, they must maintain reasonable and appropriate administrative, technical and physical safeguards for protecting e-PHI. Department of Health and Human Services states that organizations must provide the following:
- Ensure the confidentiality, integrity, and availability of all electronic protected health information which is created, received, maintained or transmitted.
- Protect against any reasonably anticipated threats or hazards to the security or integrity of this information.
- Protect against any reasonably anticipated uses or disclosures of patient information.
- Ensure compliance by users of the information.
HIPAA compliant messaging for hospitals and clinics
- Our HIPAA compliant messaging service enables healthcare providers to communicate via encrypted and secure text communication with their employees as well as each other.
- Create and manage escalation policies
- OnPage, intelligent alerts cut through the noise by bringing critical alerts to the forefront and continuing for up to 8 hours until acknowledged.
- Audit Trails allow you to track messages with SENT, DELIVERED and READ receipts.
- Every group gets their preferred, on-call rotation with on-call scheduling for multiple individuals without limitation to location.
- Add images and voice attachments to your text messages to convey more information, allowing for more informed decisions.
- Mute OnPage when you are off duty and do not want to receive alerts.
- Ability to remotely wipe sensitive patient information
Download our e-book on 8 HIPAA Compliant Messaging Myths Dispelled
In healthcare, over 68% of security breaches are due to the loss or theft of personal mobile devices. Should this statistic cause hospitals to ban the use of smartphones at their facility?
We hope not.
Rather, it is this kind of thinking which puts hospitals at risk. Our latest E-Book: 8 HIPAA Secure Messaging Myths Dispelled details how:
- Using pagers instead of smartphones hurts the efficiency and security of hospitals
- Using smartphones can actually improve patient outcomes and enable them to leave the hospital sooner.
- HIPAA secure messaging can improve healthcare communications by 43%.
- When you enable HIPAA compliant secure messaging rather than communications through pagers, unsecure native apps or email, both your practice and patients benefit.