Safe Communication For Medics


A doctor using his tablet

With the advent of smart phone, tablets, and texting, is it any surprise that the medical professions at have created new technology? While the spoken word can be misinterpreted, the written word is less likely to be misunderstood. However unless practiced with caution, messaging technology can run afoul of HIPAA regulations leaving the medical professionals as well as hospitals open for lawsuits.

HIPPA is an acronym for Health Information Privacy Protection Act, a unified code that was put in place to protect patient health information. Where HIPPA and SMS, short message servicing otherwise known as texting can conflict with each other is in the security of the texting application and delivery methods. In personal life, a misdirected text can be embarrassing but in the medical profession, a misdirected text can be the beginning of a lawsuit. With estimates of over a third of all texts being delivered to someone other than their intended recipient, the risk is high.

The benefits of SMS, short message serving or texts can be myriad. SMS is an effective communication tool since it is efficient, allows information to be transmitted instantaneously and can alleviate prolonged or confusing conversation. Any health care provider can tell of the long hang time in the traditional pager/call back method that has been the only way for doctors and support staff to communicate with each other for years. The trick is gaining these benefits of texting while keeping patient information secure and protected.

Since traditional SMS is unsecured, the first order of business for hospitals as well as regulatory boards responsible for HIPPA compliance has to been to outline guideline for acceptable texting services and applications. Use of traditional texting services and applications has been banned and any healthcare provider can be fined $50,000 for a single violation and repeated violations can lead to fines of 1.5 million dollars in a single year. These fines do not cover the loss of reputation a doctor or organization can face.

While traditional texting has been banned, the regulatory body will allow texting under the following guidelines known as AS, or Administrative Simplification provisions. Under these guidelines, the four following areas are vital for compliance:
1. Secure Data Centers: patient information is stored either onsite in physical servers or offsite in virtual servers known as ‘clouds’ by healthcare organizations. In either case, this data must have a high level of security both immediate and ongoing to protect patient information from hacking.
2. Encryption: patient information must be encrypted both in transit and at rest.
3. Recipient Authentication: protocols must be in place to allow the sender to know to whom the information was sent, if they received it and when it was sent.
4. Audit Controls: For a messaging system to be AS compliant there must be methods in place to create and record an audit trail of activity.
HIPAA Compliant Messaging is possible with these precautions, allowing healthcare personnel to take advantage of the new technology while keep patient date secure.