Text messaging is becoming more common in the medical field with a growing number of professionals using mobile device to communicate, transmit and share patient data. This can aid in patient diagnosis, as text messaging allows quick communication and interaction between physicians, nurses and home health care providers.
Despite the benefits text messaging provides there is a need for HIPAA compliance, and a requirement for adequate safeguards to deter a data breach in the event a device is lost or stolen. Health care providers need to develop policies and procedures that cover the risks presented by text messages, recognizing that Electronic Personal Health Information (ePHI) must be protected. Periodic risk assessments should be conducted as technologies and practices evolve to ensure continued compliance.
A number of specialized HIPAA-compliant messaging applications have been developed by software providers that promise to encrypt, secure and protect all communication that is conducted through text, including photos, video and voice recordings. Using these applications are a good first step, but don’t alleviate the risk presented by a mobile device that is lost or stolen. For these devices, what is needed is a method of locating and recovering a lost device. If recovery is not practical, the device should be remotely wiped of all data as this is the best way to ensure that an ePHI data breach has not occurred.
In addition, health care providers are increasingly embracing cloud storage options for their data. The general hope here is that this method provides an added layer of data and reduces the risk of violating HIPAA guidelines. However, just because you are storing patient data in the cloud doesn’t mean you are HIPAA compliant. Each cloud-based storage provider must be researched and assessed diligently, as the US Department of Health and Human Services currently does not provide guidelines or offer certifications for cloud storage providers. Opting for a cloud storage method is not the single answer to protecting ePHI as some providers may advertise. Remember also that can data breach can occur from an employee leaving a device unprotected with data that exists outside of your company portal. This is a risk whether you are employing cloud storage or not.
Applications such as License Lock Locate®- Medical, a technology product from Mountaineer Technology Ventures can help ensure best practices are used when securing mobile devices used by healthcare professionals. With License Lock Locate – Medical, a mobile device can be locked, then located to assist in recovery and then unlocked to return the mobile device to its original state. If recovery is not practical, the device can be remotely wiped of all data. With License Lock Locate – Medical, your team can also send high priority messages to field employees, and remotely reset forgotten passwords on each device.
As a home health care or hospice provider, you need to leverage the communication benefits that text messaging provides without worrying about security risks and HIPAA compliance. Adopting technologies such as License Lock Locate – Medical for your mobile platforms can provide you with a layer of coverage that helps your run your business more confidently and efficiently.