Three questions to ask a prospective HIPAA-secure messaging provider

Posted: Nov 02, 2016
Share This:

HIPAA Secure Mobile Messaging

Mobile messaging has become an integral tool for healthcare professionals in recent years, with an increasing number of care teams looking to HIPAA-secure mobile messaging solutions as an alternative to outdated paging systems.

However, with so many vendors out there, finding a solution which is reliable, flexible and truly secure, is often easier said than done. By asking potential vendors the following questions, organizations can make more informed decisions during the selection process.

1. Is the mobile messaging solution HIPAA compliant?

In a healthcare setting, it is critical to ensure that mobile messaging solutions meet the necessary HIPAA regulations to safeguard personally identifiable health information. For a mobile application to be HIPAA-secure, it must meet the following four security criteria:

    • Administrative safeguards – A termination procedure must exist, allowing Protected Health Information (PHI) to be quickly removed from the device, or access to PHI to be revoked. The application should have the ability to remotely shut down access to the app should a device be lost or stolen.
    • Physical safeguards – Mobile messaging apps should be secured via PIN lock. Devices should also be kept safe using password protection.
    • Technical safeguards – PHI must be encrypted to the highest encryption standards available, whilst on the device, on the server, and during transmission. Secure encryption must be tested on a regular basis.
    • Redundancy – In order for an app to be HIPAA-secure, it must have data back-up procedures and a disaster recovery plan to protect PHI in the event of a device being lost or stolen.

2. Can we integrate the secure messaging solution with existing applications?

In order to streamline clinical communication and workflows, organizations may wish to integrate a secure mobile messaging application with other third party solutions, such as answering services, scheduling platforms, and EHRs.

Integrating with an answering service, for example, can help create a culture of more efficient patient care by providing instant connections to incoming calls, voicemail messages, and patient updates.

3. Does the secure messaging solution promote a culture of collaboration?

Within a typical healthcare setting, care teams may be using up to five mobile devices per patient. A secure mobile messaging platform will enable its users to coordinate quick and efficient communication between teams and departments, eradicating the requirement for multiple devices