A Primer on Secure Messaging for Healthcare

by Trevor Strome on July 9, 2014

medical_secure_messagingMobile devices are one of the largest contributors of data for healthcare analytics. Mobile devices such as tablets and smartphones are being used increasingly for “traditional” healthcare purposes (such as accessing Electronic Health Records, or EHRs). Perhaps more significantly, however, these devices are being used at an increasing rate by patients for accessing their own health information (via patient portals), tracking healthy behaviors (such as exercise and diet), and communicating with their providers. The more information that is accessed and shared via mobile devices over wireless networks, however, the greater the risk that exists for a security and privacy breach of that information.

The use of mobile messaging tools for communication of healthcare related information, while convenient, poses a significant risk of security and privacy breach of such messaging if the appropriate precautions are not taken. In a recent article I wrote for Search Health IT on the topic of Secure Healthcare Messaging, I provide an overview on Secure Messaging for healthcare, including the risks associated with “consumer grade” messaging (such as SMS) and how Secure Messaging addresses the many security holes inherent with other messaging technologies.

In the SearchHealthIT.com article, I discuss that although Short Message Service (SMS) can be a quick and effective way to communicate, there are definite drawbacks to the use of SMS and similar messaging services when used for purposes beyond quick greetings:

  • In addition to being limited to 160 characters in a single SMS message, delivery of an SMS message is not guaranteed. 
  • Messages that contain health information are vulnerable to being intercepted, read by and forwarded to anyone. 
  • The Joint Commission has, in essence, banned physicians from using SMS for any communications that would result in the transmission of ePHI [electronic protected health information] data or orders for a patient to a healthcare organization (such as hospital or other service). 

In my SearchHealthIT.com article, I mention that a safer alternative to SMS that can be used in healthcare is Secure Messaging. Secure Messaging utilizes a server-based approach which enables secure and protected transmission of healthcare information that employs bidirectional encryption of point-to-point delivery of messages, stores information on a secured network server, and ensures delivery of the message to a single known receiving entity.

I have always maintained that as analytics professionals and users of healthcare information, we need to take every precaution necessary to ensure that the data we are privileged to access is held secure, and privacy is protected, using every means possible. For analytics professionals, this definitely now includes how we use mobile devices for communication of that healthcare information.

{ 0 comments… add one now }

Leave a Comment

Previous post:

Next post: