HIPAA Secure Messaging Defined

HIPAA-secure messaging is the exchange of patient information—often referred to as protected health information (PHI)—between physicians, nurses and hospital staff via a secure and encrypted platform that adheres to the mandates of Health Insurance Portability and Accountability Act (HIPAA) regulations.

Failure to use a HIPAA-secure messaging application when exchanging messages that contain PHI can result in HIPAA fines.

HIPAA-Secure Messaging

HIPAA secure messaging

Requirements of a HIPAA Secure Messaging App

The HIPAA legislation passed by U.S. Congress requires:

  • Upholding patient privacy (Health Insurance Portability and Accountability Act of 1996)
  • The use and disclosure of PHI by “covered entities,” such as health insurers and providers (2003 Privacy Rule)
  • Increased scrutiny of messages containing PHI as well as increased fines for noncompliance of over $12 million (HIPAA Enforcement in 2019)
  • Business associates to sign the Business Associate Agreement (BAA) to outline how they will meet the HIPAA requirements of covered entities.
  • Patients or clients to recognize that the U.S. Department of Health and Human Services (HHS) does not require formal HIPAA certification programs for vendors.

Benefits of Using a HIPAA-Secure Messaging App

Decreased Costs and Improved Efficiency

According to the Ponemon Institute, the use of traditional pagers in a healthcare setting adds costs and prolongs patient care. Research shows that pagers cost the healthcare industry an additional $11 billion per year.

These costs are the result of pagers causing delays in providing patient care as well as in wasted time from using pagers to coordinate care. Waiting to get access to the right doctor and exchanging the correct information are some consequences of using pagers.

Patient Benefits

According to a study by the University of Pennsylvania, “Patients whose hospital care providers used mobile secure text messaging as a means of communication had shorter lengths of stay compared to patients whose providers used the standard paging system to communicate.”

Physician Benefits

Physicians that prefer to exchange emails rather than send text messages face increasing scrutiny of their communication methods, guiding them to use HIPAA-secure messaging with greater frequency to ensure that any PHI is encrypted and secure.

HIPAA-compliant messaging applications ensure message accountability and eliminate the need for physicians to play “phone tag.” This means that physicians can spend less time trying to reach colleagues and wait for responses. Instead, they get quick responses to their texts and can better focus on their patients.

Nursing Benefits

Nursing units benefit from faster, more complete responses from physicians and other colleagues. For example, a nurse needs a second opinion on an electrocardiogram (EKG). With HIPAA-secure messaging, he can immediately forward the image of the EKG to a colleague along with comments. Because messages sent via the app get attention, he can rest assured that the message does not get lost in a full inbox or among dozens of voicemail messages. For better accountability and peace of mind, he can see when the message is read.

Nurses can also accelerate care delivery and get more accurate diagnoses by transmitting photos in a secure and encrypted manner to the consulting physician.

HIPAA secure messaging



HIPAA secure messaging

OnPage's HIPAA-Secure Messaging Application

OnPage’s encrypted messaging platform enables secure communications for doctors through the exchange of text messages, images and voicemails. All communications are secure, encrypted and hosted on OnPage’s SSAE-16-compliant facility.

OnPage provides an easy-to-use system with a learning curve of under 10 minutes. Administrators will find the OnPage platform equally easy to use and can configure on-call schedules and follow audit trails in a short amount of time.

OnPage enables hospitals to offload the security burden many healthcare facilities face when they adopt smartphones as part of their clinical communication strategy. OnPage takes over the burden of encryption, security and HIPAA compliance and allows hospitals to focus on patient care.

By deploying the OnPage platform, hospitals can:

  • Securely exchange patient information. Physicians can instantly and securely exchange PHI. OnPage evaluates its operations against HIPAA regulations and has signed the BAA to meet the Privacy, Security, and Breach Notification Rules of covered entities.
  • Reduce communication delays. OnPage instantly alerts physicians with a distinctive sound to ensure that the message gets attention. The system can be set up to continue alerting until the message is acknowledged, unlike pagers which only page the recipient once and are unable to provide read receipts. With the combination of these features, OnPage speeds up responses five times faster than pagers.
  • Distribute alerts with bypass capabilities. OnPage is one of the very few incident alerting services to override the silent switch on iOS and Do Not Disturb (DND) mode on all smartphones. Critical pages are never missed.
Get Started

Benefits | OnPage HIPAA-Compliant Communication System


OnPage provides on-call rotations and escalations. Web management console administrators can task physicians and create “turns” if the first clinician is unavailable. This helps distribute the workload and eliminate physician burnout. OnPage also delivers distinguishable, persistent high-priority alerts on mobile. This way, on-call physicians will always know the severity of alerts!

Current integrations include OpenEMR and Amion physician scheduling. OpenEMR continuously monitors a patient’s electronic medical records (EMRs) and triggers alerts to physicians and/or care teams via OnPage’s secure mobile application. The Amion integration allows care teams to automate the manual on-call process and give patients direct 24/7 access to on-call physicians.

OnPage streamlines clinical processes and helps organizations achieve maximum patient satisfaction. Discover the power of OnPage by requesting an enterprise free trial today!

Guide: 6 HIPAA-Compliant Messaging Myths Dispelled

Discover six common misconceptions about HIPAA-compliant messaging that could put your business at risk of data breaches, miscommunication and regulatory fines.

Take the first step in deploying a more secure, automated clinical communication platform. Get your free guide today!

Get the Guide