HIPAA Secure Messaging
What is HIPAA secure messaging?
HIPAA secure messaging means that the exchange of patient information – often referred to as protected health information (PHI) – between physicians, nurses and hospital employees is exchanged via a secure and encrypted platform which adheres to the mandates of Health Insurance Portability and Accountability Act (HIPAA) regulations.
Failure by healthcare employees to use a HIPAA secure messaging application when exchanging messages with colleagues that contain PHI can constitute a HIPAA fine. Indeed, HIPAA officials have cited health facilities for exchanging PHI that was neither encrypted nor password protected. If and when a HIPAA fine is instituted, the fine can reach several million dollars.
Due to the risk of rebuke and the potential fine that can ensue from exchanging unsecured patient information, many hospitals and clinics have chosen to adopt HIPAA compliant messaging applications. These hospitals and clinics have realized the limitations they face and risks they bring on by using traditional pagers. These groups have also understood the benefits that HIPAA secure messaging can bring in terms of expediting patient care, improving patient outcomes and reducing healthcare costs.
What is required of a HIPAA secure messaging app?
HIPAA secure messages that contain PHI must follow the mandates of the 1996, 2003 and 2013 HIPAA legislation passed by Congress which require:
> the upholding of patient privacy (Health Insurance Portability and Accountability Act of 1996)
> the use and disclosure of PHI by “covered entities” such as health insurers (2003 Privacy Rule)
> increased scrutiny of messages containing PHI as well as increased fines for noncompliance of up to $1.5million. (2013 Final Omnibus Rule)
Since 2013, HIPAA secure messaging has gained significantly more importance among healthcare providers as legislation has since spelled out the conditions under which it was possible to exchange PHI between healthcare professionals. Since that time, hospitals have increasingly realized that exchange of PHI via pagers risks a HIPAA violation and a significant fine. Additionally, by exchanging PHI via pagers, the patient information can be accessed by unauthorized third parties and be used to defraud patients and their healthcare providers.
Today, healthcare institutions are moving to HIPAA-compliant messaging applications that provide secure messaging and uphold the mandates of HIPAA.
What are the benefits of using a HIPAA secure messaging app?
The benefits of using a HIPAA secure texting app are highlighted when one simply reads how the use of such an application improves communication between nurses and physicians. Rather than tracking down colleagues via pager and not being able to reach them in a timely manner, the use of a HIPAA-secure texting app facilitates communications.
Decreased Costs and Improved efficiency
According to the Ponemon Institute, the use of traditional pagers in a healthcare setting adds on to the cost and time it takes to care for a patient. The Ponemon Institute notes that pagers cost the healthcare industry approximately $11B per year
These costs were the result of pagers causing delays in providing patient care as well as in wasted time from using pagers to coordinate care. Waiting to get access to the right doctor as well as exchanging the correct information were all delayed due to pagers.
One of the main benefits of HIPAA compliant messaging is seen through the advantages they have in bettering patient outcomes. According to a study by the University of Pennsylvania “patients whose hospital care providers used mobile secure text-messaging as a means of communication had shorter lengths-of stay compared to patients whose providers used the standard paging system to communicate”. The results of the study further indicated that mobile secure text messaging may help to improve communication among providers leading to more efficient care coordination and allowing patients to leave the hospital sooner.
Although physicians often prefer to exchange emails rather than send text messages, increasing scrutiny of their communication methods is pushing them to use HIPAA secure messaging with greater frequency to ensure that any PHI that is communicated maintains its security and encryption.
The main advantage to physicians of using HIPAA secure messaging over email and pagers is that HIPAA compliant messaging applications ensure message accountability and practically eliminate the need for physicians to play phone tag. This means that physicians can spend less time trying to reach out to colleagues and then wait for response. Instead, they can be assured that they will get a quick response to their texts and that as a physician they can then return to their focus of patient care.
Nursing units will see the benefits of HIPAA secure messaging platforms because these platforms will inevitably improve their mobility and patient outcomes. One example of this can be seen when nurses need a second opinion on an EKG, they can immediately forward the image of the EKG to a colleague along with their comments. With a HIPAA secure messaging app, they can be assured that their colleague will see the image and notes. This assurance comes from the persistent alerting functionality of the OnPage application.
Additionally, secure messaging can improve patient outcome, by enabling nurses to transmit photos to the consulting physician. This secure exchange of information will enable nurses to provide patients with faster and better care. The speed and efficiency this enables will also provide patients with increased satisfaction, and a decrease in length of stay.
OnPage’s HIPAA secure messaging for hospitals and clinics
OnPage’s encrypted messaging platform enables secure messaging for doctors through the exchange of secure text messages, images and voice messages. All communications are secure and encrypted and are hosted in OnPage’s SSAE-16 compliant facility.
The application is straight forward and easy to use. Physicians will be able to understand the functionality and begin using the application in under ten minutes. Administrators will find the OnPage platform equally easy to use and will quickly learn how to upload schedules and follow audit trails.
An additional advantage of using OnPage is the cost savings it provides to hospitals as it offloads the security burden many healthcare facilities face when they adopt smartphones into their facility. OnPage takes care of the process of encryption and security and HIPAA-compliance and allows hospitals to focus on their core competencies.
Specifically, by using the OnPage platform, hospitals will see the following success:
> Facilitate the exchange of patient information. Often physicians use pagers or hand-written notes to exchange information. Neither of these methods live up to the standards of HIPAA-compliance. With OnPage, physicians will instantly exchange vital PHI as well as receive information from their colleagues.
> Reduce delays in contacting colleagues. OnPage provides persistent and immediate alerting which instantly alerts physicians when a colleague is trying to reach them. This advantage stands in stark contrast to pagers which only page the recipient once and are unable to provide a read receipt.
> Improve patient outcomes. By ensuring that physicians receive information more quickly, they reduce the chance for delays which can impact the quality of patient outcomes.
E-Book: 8 HIPAA Compliant Messaging Myths Dispelled
In healthcare, over 68% of security breaches are due to the loss or theft of personal mobile devices. Should this statistic cause hospitals to ban the use of smartphones at their facility?
We hope not.
Rather, it is this kind of thinking which puts hospitals at risk. Our latest E-Book: 8 HIPAA Secure Messaging Myths Dispelled details how:
- Using pagers instead of smartphones hurts the efficiency and security of hospitals
- Using smartphones can actually improve patient outcomes and enable them to leave the hospital sooner.
- HIPAA secure messaging can improve healthcare communications by 43%.
When you enable HIPAA compliant secure messaging rather than communications through pagers, unsecure native apps or email, both your practice and patients benefit.