With an announcement of increased HIPAA audits on the horizon in 2016, and some already record-setting fines levelled for 2015 violations, healthcare organizations communicating patient information in the clear have a world of costly and potentially business-threatening mistakes to look forward to in the new year. Yet, despite this, a recent survey found that 90% of healthcare institutions were using non-compliant messaging apps to communicate in healthcare environments.
It certainly isn’t for a lack of options—research firm KLAS’ recent report on secure text messaging tools found that there were over 100 secure text messaging vendors servicing the healthcare space, but also noted that providers were looking for more than simply HIPAA compliance for their text messaging, including “more robust functionality and interface capabilities."
So why, with the threat of HIPAA-related fines looming, are healthcare organizations still electing to eschew secure text messaging capabilities? Today, we’ll explore some of the reasons, and help spur providers into action before they’re staring down the barrel of a HIPAA audit.
To be sure, many of the secure text messaging options available have elected to approach the problem from a security standpoint rather than a healthcare standpoint, applying encryption standards to unsecured channels (such as SMS or consumer-facing messaging apps) that they found had been organically adopted by healthcare practitioners for convenience sake. While few would argue this was an unnecessary advancement, secure text messaging alone is only an improvement when placed side-by-side with unsecured text messaging, and does little to address or supplant decades of healthcare and hospital workflow that has been built around pagers.
‘Pager culture’ is real, and extremely persistent, in healthcare. The reasons have been repeated ad infinitum: reliability, privacy, and entrenched workflow have all ensured that pagers remain a lynchpin of hospital communications. Unfortunately, that brings with it drawbacks; namely one-way communication, no message receipt confirmation, lack of group messaging, and an interruption-based communication model.
For a modern communications solution to truly supplant pager use, they must retain the positive and address the negative of pager-based workflow.
The Problem Healthcare Organizations Don’t Know They Have
For many health systems and healthcare organizations, by the time they recognize that they have a communications workflow or HIPAA compliance problem, it’s already too late—particularly after a HIPAA fine has been levied because staff were utilizing unsecured mediums for transmitting PHI.
In terms of workflow, most healthcare organizations already recognize they have a problem, but are slow to embrace a HIPAA-compliant solution. This explains the proliferation of consumer-grade messaging solutions such as SMS, WhatsApp, and GChat, with a staggering 91% of healthcare employees using some form of mobile messaging to communicate business information.
With the number of secure messaging solutions that address both workflow and security flaws in healthcare environments, organizations would be best served by evaluating and implementing a solution sooner, rather than later. If staff are already utilizing a messaging application, they’ll be more accustomed to features and functionality, ensuring more successful adoption.
Communicating In Silos
The current state of healthcare communications dictates that a number of disparate solutions must be cobbled together to address the needs of different departments, including pagers, mobile messaging apps, answering services, nurse house phones, hardware badges, and landlines. A good secure messaging solution will be able to displace one or two of these options, but a truly efficient solution will find a way to encompass them all—while also communicating necessary data to an organization’s EHR system.
The majority of secure text messaging solutions on the market have found organic adoption in healthcare due to their ability to offer a secure mobile messaging solution, but many fall short in incorporating the numerous other communication channels employed in the day-to-day coordination of care. Implementing a holistic, end-to-end platform that encompasses both the security and functionality that address the nuances of healthcare communications must be priority number one for healthcare organizations in 2016.