Mobile messaging apps have revolutionized the way in which we communicate. Using these apps, we can send and receive messages instantly. But doctors and other covered entities should approach these apps with caution due to the conflicts they create in regards to the Health Insurance Portability and Accountability Act (HIPAA) of 1996.
According to a new study released by Infinite Convergence Solutions, only a mere 8% of healthcare providers prohibit workers from using mobile consumer messaging apps for work-related communications. The study went on to reveal that just 25% of healthcare providers that have a safe and secure messaging app actually use it. The other 75% continue to use consumer messaging apps.
So, what's wrong with using a mobile consumer messaging app in the healthcare industry? While the Department of Health and Human Services (HHS) doesn't explicitly prohibit the use of such apps for communication, it may still be covered in the Security Rule. The HIPAA Security Rules requires all covered entities to implement meaningful and appropriate safeguards to protect against the unauthorized use or access of Electronic Protected Health Information (EPHI).
It should come as little-to-no surprise that the use of mobile messaging apps is increasing among healthcare providers. Researchers from the Infinite Convergence Solutions study found that healthcare workers are now using mobile messaging apps more frequently than voice calling.
Unfortunately, the vast majority of mobile consumer messaging apps are not secure. Messages can be intercepted with little efforts, posing a direct risk to the integrity of patients' data. This is why it's critical that covered entities use their own internal messaging apps, enhancing them with encryption, two-factor authentication, and other security measures.
"The global healthcare industry is under strict privacy and security regulations to protect patient information, but our study finds that the vast majority of healthcare institutions are not using mobile messaging services that are compliant with these regulations," said Anurag Lal, CEO of Infinite Convergence Solutions. "Healthcare employees communicate inherently sensitive information, like patient prescriptions, medical information, etc., yet their employers do not have the proper mobile messaging security infrastructure in place to adhere to HIPAA or other regulatory requirements."
Does this you should avoid using mobile messaging apps in your healthcare practice? Not necessarily, but you should take measures to ensure they are safe and compliant with HIPAA.
Image credit: Tyler via Flickr Creative Commons.