It’s crunch time. With just over two weeks until the Sept 23rd HIPAA Omnibus deadline, as the CIO of healthcare provider facility you’ve come to discover that a number of your physician and nurse providers have been communicating with one another over standard text message, exchanging information in a HIPAA noncompliant manner. However, there’s still time before these events turn into reportable breaches, so you decide to implement a secure text messaging application. What are the essential features you must take into consideration in choosing a vendor?
Any secure text messaging service is better than nothing, but not all services are created equal. A P2P encryption infrastructure ensures that PHI is only being sent directly from user to user, cutting out the middleman vendor server. Using a cloud-based, decrypt-store-re-encrypt service leaves your stored PHI at the mercy of your provider’s security controls.
Just because you use a P2P encryption product doesn’t mean that you can’t store your data. The best secure text messaging services give their users complete control over their data, allowing them to store messages in their data center or cloud. This sort of data can provide all types of benefits to a CIO, from provider benchmarking information to even medical malpractice defense evidence.
These features add two essential benefits: usability and compliance protection. Read receipts ensure that critical information was communicated to the recipient, allowing the sender to take other actions if necessary. Moreover, in the event of a lost phone or other security incidents, the ability to prove that the PHI-containing message was never read by a potential malicious third party is an essential component of a breach analysis.
Speaking of breach investigations, the new breach standard outlined in the HIPAA Omnibus Regulations requires the analyst to prove that a third party did not access PHI. Proving a negative can be almost impossible, especially in the context of a lost phone with locally-stored PHI. However, if the secure texting application can provide access logs to the secured application, an analyst can quickly show that PHI in question was kept safe. This can be all the difference in a multi-million dollar privacy lawsuit.
Finally, a secure text messaging service will only be useful if your users decide to adopt it as a replacement to SMS. Therefore, usability is paramount. A simple interface goes a long way in achieving this, as do intuitive features such as group messaging and file attachment. A valuable service not only keeps your providers happy, but it also helps to get your users to buy in and stop texting PHI.
With over two decades of technology entrepreneurship background, Krishna Kurapati started QliqSOFT with the strong desire to solve clinical collaboration and workflow challenges in US Healthcare. During the late 90s, Krishna co-founded IPCell to build the first Cable IP Telephony switch, eventually selling the company to Cisco Systems. In 2003, he started Sipera (acquired by Avaya Systems) to solve security issues for Unified Communications' and raised over $30MM in venture funding. Additionally, he has been actively involved in the early-stage financing of startups in both the US and India.
Engaging Patients and Connecting Care Teams Through Interactive Digital ConversationsLearn More
Cyber security attacks wreaked havoc on the healthcare industry last year. According to a recent article by Healthcare IT News, more than 40 million patient records were compromised by data breaches in 2021. As we move forward into a new year, many healthcare leaders wonder what to expect next. To find out more, we spoke with Krishna Kurapati, the founder and CEO of QliqSOFT.
Home COVID-19 tests kits are quickly growing in popularity as case numbers continue to rise throughout the U.S. At first, it seemed like home test kits would be a viable solution that could help combat long lines at overwhelmed testing centers.
This year, we will see a shift in how healthcare organizations utilize digital solutions. Over the last two years, during the pandemic, organizations in nearly every industry adopted digital solutions to address temporary challenges. However, as time went on, many of these solutions proved valuable tools, and attitudes towards digital health have changed significantly.