5 mobile healthcare trends in 2017

healthcare messaging solutions from Vectramind

Healthcare executives expect that, within the next three years, their industry will need to focus as much on training machines as they do on training people, according to one finding from a new report by Accenture. The Accenture 2015 Healthcare IT Vision is based on a survey of doctors, consumers and healthcare executives and] highlights emerging technology trends that will affect the health industry in the next three to five years.

84% of health executives surveyed agree or strongly agree that healthcare industry will need to focus as much on training machines – such as using algorithms, intelligent software and machine learning – as they do on training people in the next three years. In fact, most of those surveyed (83 percent) agree that provider organizations, driven by a surge in clinical data, will soon need to manage intelligent machines as well as employees.

The Accenture Healthcare IT Vision 2015 report reveals five key digital health trends reshaping the healthcare industry:

1. The Internet of Me: Your healthcare, personalized Welcome to the era of personalized healthcare defined by meaningful and convenient individual health experiences.

2. Outcome Economy: Hardware producing healthy results New intelligence is bridging the digital enterprise and the physical world. It’s about more than technology; it’s about delivering results.

3. Platform Revolution: Defining ecosystems, redefining healthcare Healthcare IT platforms capture data from disparate sources (e.g., wearables, phones, glucometers), and connect it to provide patients and caregivers a holistic and real-time view of your health.

4. Intelligent Enterprise: Huge data, smarter systems, better healthcare A data explosion, accompanied by advances in processing power, health analytics and cognitive technology, is fueling software intelligence. Medical devices and wearables can now recognize, “think” and respond accordingly.

5. Workforce Reimagined: Collaboration at the intersection of humans and healthcare As the digital revolution gains momentum, doctors and healthcare workers are now using machines to be more efficient, provide better care and take on increasingly more complex tasks.

These trends clearly prove that digital health is dramatically influencing the healthcare industry today, and it will continue to do so for decades to come.

Source

a mere 5% hospitals test for medical devices security

HIPAA COMPLIANT HEALTHCARE MESSAGING FROM VECTRAMIND

VECTRAMIND  is among the few messaging companies which provide healthcare organizations fully secure HIPAA compliant Hl7 messaging standards for patients and healthcare clinical staff.

Vectramind’s customized A2P solutions now enable you to capitalize on SMS to reach your target audience – from healthcare service provider, administrator to patients. 

The security of medical devices has attracted a lot of attention in recent months due to fears of device vulnerabilities being exploited by cybercriminals to cause harm to patients, gain access to healthcare networks and steal patient data. Cybercriminals have extensively targeted the healthcare industry due to the high value of patient data on the black market, combined with relatively poor cybersecurity defenses. While there have been no reported cyberattacks on medical devices with the specific aim of causing harm to patients, there are fears it is only a matter of time before such an attack occurs. Even if harming patients is not the goal of cybercriminals, ransomware attacks – which take essential computer systems out of action – can place patient safety at risk.

 Those attacks have  already started  occurring. Some healthcare providers experienced medical device downtime as a result of the recent WannaCry ransomware attacks.However of late much attention has focused on device manufacturers for failing to incorporate appropriate security protections to prevent cyberattacks and not considering security for the life cycle of the devices.A recent Synopsis-sponsored survey conducted by the Ponemon Institute suggests healthcare delivery organizations may be equally at fault.

The report on the survey – Medical Device Security: An Industry Under Attack and Unprepared to Defend – shows that both device manufacturers and healthcare organizations are concerned that medical device attacks will occur. 67% of medical device manufacturers and 56% of healthcare delivery organizations believe a cyberattack on a medical device at their organization is likely to occur in the next 12 months.

Even though manufacturers and HDOs are aware of the risks of cyberattacks on medical devices, and one third are aware that those attacks could have an adverse effect on patients, only 17% of device manufacturers and 15% of HDOs are taking action to reduce the risk of cyberattacks on medical devices used by their organizations.

One of the biggest challenges is incorporating security controls into the devices. 80% of device manufacturers said medical devices are very difficult to secure, with a lack of knowledge about how to secure the devices cited as a major issue along with accidental coding errors and pressure to meet product delivery deadlines. Identifying potential vulnerabilities does not appear to be a major priority. 53% of HDOs and 43% of device manufacturers said they do not perform any medical device security tests, while just 9% of device manufacturers and 5% of HDOs conduct device security tests on an annual basis. There is also a lack of accountability for medical device security. One third of manufacturers and HDOs said there is no one person in their organization with overall responsibility for medical device security.

hipaa penalty of $387,000 on employer for disclosure of patient test records

Vectramind  Healthcare Messaging Solutions

HIPAA VIOLATIONS PENALTY AT ST LUKE ROOSEVELT HOSPITAL FOR Disclosure of HIV Status to Employer Results

The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced a new HIPAA settlement to resolve violations of the HIPAA Privacy Rule. St. Luke’s-Roosevelt Hospital Center Inc., has paid OCR $387,200 to resolve potential HIPAA violations discovered during an OCR investigation of a complaint about an impermissible disclosure of PHI.

 In September 2014, OCR received a complaint about a potential privacy violation involving a patient of St. Luke’s Spencer Cox Center for Health. In the complaint, it was alleged that a member of St Luke’s staff violated the privacy of a patient by faxing protected health information to the individual’s employer. The information in the fax was highly sensitive, including the patient’s sexual orientation, HIV status, sexually transmitted diseases, mental health diagnosis, details of physical abuse suffered, medical care and medications.

Instead of faxing the information, the data should have been sent to a personal post box as requested. The investigation revealed that the incident was not the only time that the HIPAA Privacy Rule had been violation in such a fashion. A similar incident occurred nine months previously when a patient’s PHI was sent via fax to an office where he volunteered.

 The Privacy Rule violations in both cases were particularly serious due to the highly sensitive nature of information that was disclosed. In the resolution agreement, OCR said the impermissible disclosures were egregious. HIPAA Rules require covered entities to safeguard patients’ protected health information at all times. However, the investigation revealed that St Luke’s had failed to do that on two occasions.

 Further, after the first impermissible disclosure, St Luke’s failed to address vulnerabilities in their compliance program to prevent further impermissible disclosures from occurring. Had those vulnerabilities been addressed, the second privacy violation may have been avoided. In addition to paying OCR $387,200, St Luke’s is required to adopt a corrective action plan.

The CAP involves reviewing and updating policies and procedures covering allowable uses and disclosures of PHI and training staff members on policy and procedural updates. OCR issued a press release announcing the HIPAA settlement in which OCR director Roger Severino said “Individuals cannot trust in a health care system that does not appropriately safeguard their most sensitive PHI,” explaining “Covered entities and business associates have the responsibility under HIPAA to both identify and actually implement these safeguards.” OCR consideration the nature of the breach and the extent of the harm caused when deciding an appropriate settlement amount. May is not yet over, but already there have been nine HIPAA settlements between OCR and covered entities to resolve HIPAA violations discovered during the investigation of complaints and data breaches.

At the current rate of almost two settlements a month, OCR will double last year’s record breaking number of HIPAA enforcement penalties. The increase in HIPAA penalties shows that OCR is taking a much harder line on covered entities that fail to comply with HIPAA Rules.

pharmacy chain riteaid's customer database hacked

Pharmacy chain Rite Aid has discovered unauthorized individuals gained access to the e-commerce platform of its online store and stole sensitive information of its customers over a period of 10 weeks. The attackers gained access to, and stole, personal information and credit/debit card details. An investigation into the breach revealed that access to the platform was first gained on January 30, 2017 and continued until April 11, 2017 when the intrusion was detected and unauthorized access was blocked. During the time that unauthorized individuals had access to its e-commerce platform, they obtained customers names, addresses and payment card information, including card numbers, expiry dates and CVV numbers. 

The incident impacts all customers who used the online store between the above dates and manually entered their payment card details. A leading cybersecurity firm was called in to help determine how the breach occurred, which individuals were impacted, and to mitigate future risk. Rite Aid is also working closely with payment card companies and assisting in their investigations of the data breach. Due to the sensitive nature of the data compromised in the attack, affected individuals face an elevated risk of experiencing payment card fraud. To reduce risk, all affected individuals have been offered 12 months of identity monitoring services free of charge through Kroll. At present, it is unclear exactly how many individuals have been impacted by the breach as this incident has yet to be reported on the Department of Health and Human Services’ Office for Civil Rights breach portal.

5 ways to ensure implementation of hipaa program

HIPAA Compliance is a term that is often thrown around the healthcare industry; however, I commonly ask myself – is the meaning of HIPAA Compliance the same throughout the industry? The answer is NO! Walking into a healthcare organization in the last month, the HIPAA Privacy Officer was excited to tell me that they are fully HIPAA compliant and don’t have any on-going concerns with meeting the regulations. A quick review of the documentation requirements and auditing practices indicated that there were many missing holes in their HIPAA Compliance Program.

One of the most effective ways to properly implement a solid HIPAA program is creating an action plan for compliance and assigning small regular tasks to get through entire HIPAA regulation. It is very important that HIPAA is an on-going process within the organization. It is not just a ‘one and done’ type of regulation due to the nature of work that we do in healthcare and the vast changes within our technologies used.

To help with HIPAA Compliance – here are 5 Essential Steps that must be taken to achieve a solid HIPAA Compliance Program.

 

1.Conduct a Risk Assessment/Analysis – if you haven’t conducted a risk analysis recently, it might be a great idea to conduct one again soon. Make sure to have a risk analysis report that provides information on how the audit was conducted, what systems were evaluated and what the identified risks were. Remember – don’t stop there. You must create a risk management plan and mitigate and/or address all the risks identified.

2. Create, Review and/or Update all HIPAA policies and procedures – policies and procedures create the foundation for success with HIPAA compliance. Conduct a gap analysis on your policies and procedures. Look for policies that you may be missing or policies that don’t meet minimum compliance. Then ensure that your organization is following the policies you have created. Use the HIPAA audit protocol as a guide for the policies and procedures. It sets up expectations of what should be written in policies and procedures.

3.Provide Workforce HIPAA Education – educating your entire workforce becomes an essential step in HIPAA compliance. Your workforce should know and understand what HIPAA is and the processes and procedures that are established within your organization, including understanding where the HIPAA policies and procedures are stored and maintained.

4.Conduct regular HIPAA Audits – HIPAA established requirements for the regular audits to show HIPAA compliance with the regulation as well as understanding who is accessing what protected health information for what purpose. A strong HIPAA audit program can help reduce the risk of internal threats and external inappropriate access to systems. Additionally, it allows an organization to understand the areas where they might be out of compliance and make the appropriate actions to meet compliance.

5.Use Security Technologies – HIPAA doesn’t mandate the use of any specific technology; however, the use of technology can help support HIPAA compliance within an organization. An organization should working with the information technology department or information technology vendor to determine where security technologies can be used in assisting with HIPAA compliance. Some technologies may include encryption, intrusion detection software, or audit logging software.

Again, take the mindset of working a little one these tasks each week and eventually you will get there. Anyone can build a solid HIPAA compliance program that has all the necessary components of the regulations!

Source

hipaa privacy rule of data security on mental health care

As providers work to maintain HIPAA compliance, mental health data security considerations remain paramount.

Mental healthcare is becoming an increasingly critical national issue. Covered entities and business associates that specialize in mental health are required to adhere to HIPAA regulations for maintaining, transferring, or sharing mental health data.

Without proper mental health data security, organizations could suffer a data breach and put sensitive information at risk.

How does mental health data security differ from regular PHI security? Are providers able to share information with family members and caregivers? What information are providers permitted to disclose to law enforcement, and for which situations is this allowed?

Current HIPAA regulations dictate that covered entities and their business associates must remain compliant when it comes to mental health records. Certain legislation making its way through the federal government could also potentially affect how organizations maintain HIPAA compliance and patient data security.

Organizations need to ensure that they understand all federal and state regulations when addressing mental health data security.

HIPAA regulations on mental health records

The HIPAA Privacy Rule requires that healthcare organizations maintain the privacy and security of mental health information. As with other types of PHI, the Privacy Rule also notes that there are certain circumstances where sensitive data “may need to be shared to ensure the patient receives the best treatment and for other important purposes, such as for the health and safety of the patient or others.”

“The Rule is carefully balanced to allow uses and disclosures of information—including mental health information—for treatment and these other purposes with appropriate protections."

For example, healthcare providers are allowed to communicate with a patient’s family, friends, or other individual involved in the patient’s care.

“The provider may ask the patient’s permission to share relevant information with family members or others, may tell the patient he or she plans to discuss the information and give them an opportunity to agree or object, or may infer from the circumstances, using professional judgment, that the patient does not object,” HHS explains.

HIPAA also allows healthcare providers to communicate to numerous parties concerning a patient’s care. These parties can include but are not limited to family members when a patient is an adult, parents of a minor patient, as well as family members, law enforcement, or others when the patient presents a serious and imminent threat of harm to self or others.

Source

how hl7 healthcare messaging ensure patient data compliance

Verctramind's  HIPAA compliant Healthcare Messaging Platform

Patient care requires fast-paced, asynchronous collaboration that ensures quick responses for life-saving decisions. Because text is the most rapidly responded to communication channel utilized today, many healthcare professionals communicate and collaborate via their mobile device. In fact, a recent HIMSS Analytics study reported 70.6 percent of IT professionals, clinicians, C-suite executives, and department heads use smartphones for EHR access, and 76.5 percent access clinical information through smartphone apps. However, according to Lisa Gallagher, vice president of technology solutions for HIMSS, text messaging by clinicians is a major source of protected health information (PHI) leaks and violation of HIPAA privacy and security standards.

To reduce cybersecurity risk, ensure compliance, and improve efficiency, healthcare organizations have started to implement enterprise-wide secure messaging platforms to communicate sensitive information and patient data. These platforms allow employees to leverage the convenience of text messaging without jeopardizing the integrity of patient data or the reputation of the business that could result from a data breach or compliance violation. While larger healthcare systems have started to incorporate secure messaging into their communications, small and midsize organizations, specialty clinics, support groups, and even dentistry should also strongly consider utilizing these platforms as they’re held to the same standards and face the same risks.

Cybersecurity Risks To Patient Information and why HL7/HIPAA compliance is necessary in messaging

Healthcare consistently ranks as the number one, most targeted industry for cybercrime which is no surprise given the fact patient data sells for more money than any other information on the black market. Because healthcare organizations have lagged behind in terms of implementing advanced cybersecurity technology — and attackers are becoming ever more sophisticated — cyber threats show no sign of slowing down. In fact, major cyberattacks on U.S. healthcare organizations increased 63 percent in 2016 alone. However, cyber criminals are not just targeting enterprise healthcare systems, as one of the biggest healthcare data breaches of last year affected 882,590 patients of an anesthesiology and pain clinic.

While hospitals may have protection for their computers and systems such as antivirus and firewalls, a new trend in ransomware is targeting mobile devices. According to Kaspersky Labs, between 2014 and the present mobile attacks have almost quadrupled and are expected to be even more popular in 2017. Without a secure messaging platform in place, hospitals and healthcare organizations will remain vulnerable to advances is “smishing” (SMS phishing) and other mobile cyberattacks, as 95 percent of healthcare professionals, physicians, and nurses use their smartphones and tablets for work — whether sanctioned or not.

Unlike SMS text messaging, senders communicating via an advanced secure messaging platform have complete control of the communications, images, and documents they deliver meaning, recipients cannot copy, forward, store or share information received. This denies unintended propagation of sensitive patient data outside of the circle of care. Further, secure messaging platforms can prevent images from being screenshotted and users can shred or expire sent messages at any time from all devices and message servers, providing ultimate control over the conversation and content at all times. Messages can also be set to automatically expire based on corporate policies that establish appropriate timeframes per role.

Stricter HIPAA Standards

Due in part to the increase of cybersecurity risks that threaten the integrity of patient information, HIPAA will be enforcing stricter compliance requirements for small to midsize healthcare businesses this year resulting in higher fines and even jail time for major violations. Hospitals not requiring employees to communicate via secure messaging platforms not only put patient data at risk, but their entire business as employees will continue to use non-compliant messaging channels to communicate sensitive patient information if a secure option is not available.

Secure, ephemeral, and compliant messaging platforms provide a means in which to confidentially collaborate between care giving teams, physicians, specialists, pharmacies, payers, and even the patient, enabling healthcare professionals to utilize text in a HIPAA-compliant manner. What’s more, advanced platforms integrate with leading EHR and scheduling systems to increase efficiency and compliance. Further, a reputable secure messaging provider does not have control or even a copy of users’ data, so patient data is always under the control of the healthcare organization.

By archiving a single instance of text messages into the EHR to ensure complete and comprehensive record, any burden of manual transcribing is essentially eliminated and can, in fact, improve efficiency and decision making for superior patient care.

Efficiency Challenges Prohibiting Collaboration

When caring for patients with changing care needs, nurses often need to locate doctors in-person or via phone to verbally communicate updates which can often result in miscommunications or delayed care. Relying solely on verbal communication hinders workflow, patient care and collaboration should the physician or practitioner not be on call, in surgery or otherwise unavailable — something particularly important during emergency situations. Whereas waiting for a return call can delay treatment, text is an alternative, quick response mechanism in which to share information, images, etc., in order to quickly get direction and orders on how to proceed.

Unlike in-person communication, a geographically-separated doctor can easily collaborate and consult with other doctors or nurses throughout the decision-making process via secure messaging. With the ability to take and share photos real time, healthcare organizations can improve the odds of better patient care and, in some cases, patient survival. Further, secure group chat features create a central source for collaboration and shared decision making among care providers.

In an age of increased innovation, mobility, and security concerns, secure messaging helps organizations improve efficiency and business workflows to expedite response times, improve decision-making, and increase knowledge sharing – all without jeopardizing security or compliance. From admissions, to emergency room staff, to physicians and specialists, to nurses and home healthcare and hospice, to skilled nursing and more; secure messaging helps medical professionals communicate with confidence.

Source

4 ways of secure messaging communication in hospitals

Healthcare professionals provide patient care 24/7 and they are often urgently needed at unpredictable times and locations. For decades, healthcare has addressed the need for physician and nurse alert notifications with numeric and text pagers supplemented with overhead paging systems. These notifications were adequate but often uninformative, inconvenient, disruptive and most importantly, costly.

In this day and age, the traditional way of paging a specialist and waiting for a callback is inefficient. Messaging a provider via a secure messaging application, then going back to take care of your other patients, as opposed to waiting by the phone for a response, is more time efficient. Customer service is always necessary; this form of messaging enables the provider to have less interruptions.

In various healthcare environments, nurses continually need the ability to access clinical data as well as communicate with other members of the care team. With many providers regularly utilizing and carrying their smartphone with them everywhere, secure messaging seems an efficient way to communicate.

Secure messaging is utilizing a secure encrypted texting application that allows providers to respond at a convenient time, allowing for better productivity and improved patient care. Replacing pagers with secure messaging can save hundreds of dollars per provider, which can generate enormous savings with larger healthcare organizations while providing the HIPAA (Health Insurance Portability and Accountability Act) compliance needed.

Liability Concerns

However, secure messaging poses potential legal implications and potential breeches of patient information.1 For healthcare information technology leadership there is the need to improve on this clinical communication deficit; however, there also is a need to meet the compliance and security requirements. With IT security breaches constantly in the news, a secure communication device that enables healthcare workers to communicate efficiently is needed. The Imprivata Report on the Economic Impact of Inefficient Communications in Healthcare estimated inefficient communication costs U.S. hospitals an estimated $11.2 billion in annually in employee time wasted. Secure messaging alone, the study concluded could generate savings of about $5.88 billion lost to efficiency, or more than $918,000 per hospital annually.

Secure messaging has been called on as a way of providing healthcare organizations with a HIPAA compliant way of communication for providers. It was even recently approved by The Joint Commission for communicating patient information.

Among the solutions are services that allow providers to receive encrypted email on mobile devices, as well as services that allow providers to coordinate care. However, security issues with these new technologies must be further explored. It is difficult to quantify the cost of preventing a breach of information either text wise or by loss of a flash drive.

The easiest way to determine the overall loss is to review breaches of facilities in the press, and calculate the cost it took to deal with the event. More importantly than what the lost covered is the loss to the hospital's reputation, and that is difficult to determine. With the continued emphasis on customer service, no organization can afford a loss of reputation in their community.5 With texting being difficult to control among providers, some organizations have implemented secure messaging applications in the hope of mitigating as much as possible.

Ease of Use

There are a variety of applications that are capable of providing secure texting, are user- friendly, and allow for effortless communication. An enormous benefit of secure messaging is that it addresses has three key features of security that are necessary to support HIPAA compliance. These applications also satisfy guidance provided by the Joint Commission on secure texting such as authentication, encryption and auditability. What makes these applications unique is they allow all users within an organization to participate in secure conversations utilizing a variety of assorted devices. Users access via computers, tablets or smartphones. The device doesn't have to be a company device, so users can download the application to a personal smartphone, eliminating the need to carry a secondary phone.

Previously, when discussing a case on a cell phone, nearby people could overhear, the call could be lost due to a poor connection or there could be a miscommunication. With these applications, the response is secure on your phone, complete with a time stamp.

Value to Nurses

It is important to recognize all disciplines are essential in providing patient care; therefore they should all be invited to access the application. Sharing this with as many disciplines in your organization as possible it also enables feedback on how to improve the application for your facility. As the technological needs increase this enables for the continuous quality improvement of this feature.

Nursing has always been a critical part of the healthcare team; such applications would be welcomed on any nursing unit, and will surely impact patient outcomes. An example of the benefit is a concerning EKG (electrocardiogram) in need of a second opinion. Previously you could fax it to the office and wait. Now you can have a response in minutes. Take a photograph with your phone, open up your secure messaging application, type a synopsis of the case, attach the photo, and send. With the application available on a nurse's mobile work station, she can resume her medication pass, and await an alert on her monitor to notify her that the provider has responded. This enables the nurse to remain mobile, fulfilling the patient care side of her position, as well as her care coordination role, which improves both patient and nurse satisfaction.

Another routine part of healthcare that could benefit from the use of secure messaging is consultations. Typically, just submitting the consult could be burdensome, which often could have a negative effect on the patient. With secure messaging applications, you can request a consultation as a preformatted secure text message and include specifics as to why the consult was placed. Secure messaging can help the patient outcome, by transmitting photos of the medical record to the consulting physician. The speed and efficiency this enables will surely provide an organization with increased satisfaction, and a decrease in length of stay.

Efficient Communications

Utilizing the application in the emergency department is one way to see its benefits. With a constant influx of patients, time management has never been more important than in the ED. Physicians as well as nurses, are both under pressure with limited time. Secure messaging in this environment will help with patient turnover. The consulting physician can respond at their leisure, and the ED physician can tend to their patients giving 100% of their attention to the patient, and check their messages at their leisure.

When a patient is discharged, and a transition of care is initiated, the provider can contact the patient's primary care physician to alert them of this hospitalization as well as the discharge. Being able to provide patient-related information in a fast and secure makes an impact on a healthcare provider's ability to care for their patients and provide continuity of care.

In this day and age of patient satisfaction, organizations have to meet the needs of their patients, providing the best in customer service while not increasing their cost. With this need in mind all facilities need to determine their organization's readiness to embrace this secure messaging application. The Impriva Report on the Economic Impact of Inefficient Communication in Healthcare estimated that employees wasted an average of 91 minutes a day because of inefficient processes in patient care, communication with colleagues and prescription fulfillment.2 This is time that could be spent with the patient, which in healthcare should always be our primary objective.

Source

3 ways to ensure hipaa compliant secure messaging

Enabling Providers to Use Truly HIPAA Compliant Messaging

Direct messaging is increasing in popularity, but how exactly does it tie into HIPAA compliant email and what should providers understand before implementing it?

As technology continues to evolve, healthcare organizations of all sizes are working to remain current in what they can offer to providers and patients while also keeping PHI secure. Covered entities now have various options of communication, and HIPAA compliant email is often a necessity.

However, healthcare organizations cannot assume that any form of email communication will in fact keep PHI secure and adhere to HIPAA regulations. Even third parties are not always exempt from HIPAA compliance as they communicate with healthcare organizations.

As Linda McReynolds, Esq. & Ronald Quirk, Esq. explained in a HealthITSecurity.com contribution, it is important to understand the difference between companies that offer a “mere conduit” service and an actual business associate.

“Entities that provide 'mere conduit' service are excluded from HIPAA liability,” McReynolds wrote. “The mere conduit exemption applies to telecom or information services that exclusively provide transmission or temporary storage of transmitted data incident to such transmission. This includes entities such as internet service providers (ISPs) and paging carriers.”

They key difference is the transient versus persistent nature of the opportunity to view the PHI.

“To qualify as a conduit, a service provider must ensure that PHI is only temporarily stored,” she explained. “It is irrelevant whether the service provider actually views the PHI.”

Healthcare organizations and business associates cannot assume that all forms of email are in fact HIPAA compliant email.

HIPAA compliant secure messaging

In terms of secure messaging usage, that has increased 30 percent from 2013 to 2014, according to an Office of the National Coordinator for Health Information Technology (ONC) data brief. Half of surveyed physicians – 52 percent – said they exchanged secure messages

Forty-two percent more physicians also said that they allowed patients the ability to view, download, or transmit access to their electronic health information.

More patients are able to take advantage of secure messaging options as well, with a separate ONC data brief showing that 51 percent of hospitals in 2014 allowed their patients to send and receive secure messages. Furthermore, 10 percent of hospitals provided secure messaging options in 2013, while 64 percent of hospitals provided it last year.

The HIMSS HIE and Direct Messaging Survey also found that many healthcare originations support Direct messaging as the method choice for exchanging data. However, there were still challenges cited about incorporating structured data into the EHR.

Secure email, helping with transitions of care, ADT notifications, patient communication, and handling consult requests between physicians were the top reported uses of Direct messaging, according to the survey.

“Use of Direct to enable HIE has been a bumpy ride and while variability exists in the market, the message should be that HIE is growing, the market is maturing and we are all learning how to better collaborate with our community partners,” HIMSS Director of Informatics Mari Greenberger and Sean Kennedy, Director, HIE, Mass eHealth Institute, wrote in a blog post at the time of the survey’s release. “The inter-organizational exchange of information in support of improved patient care is challenging, but from the feedback in this survey ‘the cost is worth the benefit.’”

Approximately half of the survey respondents also said that the cost of using Direct is worth the benefit of information exchange. Three-quarters of respondents – 76 percent – also reported access to a provider directory, 64 percent said they can access internal providers from that directory from within their EHR.

In terms of HIPAA compliant secure messaging, the HIPAA Security Rule does not require specific technical solutions. However, it does state that healthcare organizations must determine reasonable and appropriate safeguards.

“It is important, and therefore required by the Security Rule, for a covered entity to comply with the Technical Safeguard standards and certain implementation specifications; a covered entity may use any security measures that allow it to reasonably and appropriately do so,” the HHS HIPAA Security Series states.

Source

secure vs hipaa compliant text messaging

White paper from DocHalo explores the differences between secure vs. hipaa compliant text messaging and what features make a secure texting solution truly HIPAA-compliant.

The need for physicians and other healthcare team members to be in constant communication with each other has never been higher. Secure texting applications seek to provide healthcare professionals a quick and convenient way to connect while complying with the Health Insurance Portability and Accountability Act (HIPAA) and other privacy regulations.

Text messages are, in principle, an excellent way to transfer information on the go. They are useful in communication between doctors, nurses, office staff and even patients. Text messaging is a viable replacement for older, less efficient technologies such as the pager. Texting is real-time communication which email doesn’t equal. Physicians have shown an affinity for the method. In a study published in 2014, well over half of physicians at pediatric hospitals reported sending and receiving work-related text messages, and 12 percent said they sent more than 10 messages per shift .

Unfortunately, despite being used frequently in healthcare, standard text messages and most “secure” applications lack the encryption and other features needed to avoid potentially costly and embarrassing HIPAA infractions. Such violations, if due to “willful neglect,” can lead to fines of $50,000 per violation, to a maximum “of $1.5 million a year. The right physician messaging solution keeps PHI private while making healthcare professionals’ lives easier and improving quality of care. Choosing an app that will truly keep your patients’ data safe, however, can be a challenge because “secure” does not always mean “HIPAA-compliant.” HIPAA-compliant is much more stringent and unfortunately most applications just aren’t.

Source

mobile healthcare communications shift towards messaging

HIPAA-compliant options are helping healthcare systems relay important information using familiar platforms and devices.

Websites, patient portals, and lower-tech communications such as interactive voice response outreach still dominate the healthcare industry. The industry has been slow to wake up to the societywide tectonic shift to mobile messaging as a preferred communication mode, both from provider to provider and from provider to patient.

Indeed, to turn the old Marshall McLuhan adage on its head, the message is the medium. According to a 2015 study from Juniper Research, instant messages (IM) sent on platforms such as WhatsApp, Facebook Messenger, and Snapchat were poised to overtake email as the most popular digital communication channel.

Physician to Physician

Secure mobile messaging has made its biggest progress so far in connecting physicians to other physicians and healthcare system staff. "It's really about solving workflows for folks who are very busy," says Ed Ricks, MHA, vice president and chief information officer of the acute care, 180-staffed-bed Beaufort Memorial Hospital in Beaufort, South Carolina.

When Beaufort began its mobile messaging initiative four years ago, staff were at the mercy of voice mail and phone tag. "It leads to frustration, and it's just not [an] efficient workflow," Ricks says.

In response, staff had—without management guidance—begun using consumer-grade mobile messaging embedded in the consumer devices they carried. "They went to their devices and were texting each other, because it worked really well," Ricks says. "The challenge is it wasn't secure from a HIPAA perspective. We had protected health information sometimes being texted back and forth.

"A lot of people would say, 'Oh, we've got it solved. We've got a policy that says we prohibit texting of PHI.' For us, that's like sticking your head in the sand. It really doesn't solve the problem."

In response, Beaufort implemented Imprivata's Cortext secure messaging technology. "It's gone well," Ricks says. "We wanted a small pilot of six or eight physicians just to get them going at first, and within about two or three weeks, we had 50 or 60 people in our pilot, because it helped them solve workflow and organizational efficiency."

Shortly thereafter, an executive committee of Beaufort's medical staff, an independent body apart from Beaufort management, decided to ask all physicians on staff to use Cortext. "That really helped grow it for us," Ricks says.

Two other management decisions smoothed adoption. "We used to have a policy that said you could never use your personal cell phone at work," Ricks says.

Source

hipaa-compliant messaging services market expected to expand at a steady through 2027

HIPAA (Health Insurance Portability and Accountability Act) Complaint messaging service is a secure messaging solution which enables healthcare system to protect the health information while still allowing communication between users. These services meet the standards for privacy and security during the communication of electronic protected health information with an alternative to messaging and ensures that administrators can have access to information in encrypted form. The potential benefits of HIPAA-Complaint Messaging Services are used to send two directional secure messages with personal information. Services can reach out staff, patients, and partners virtually anywhere. HIPAA compliant messaging services is also used to send appointment reminders and prescription reminders. It gives more control over their medical information, and it also sets boundaries on the usage of health records. According to patient’s privacy rights, this services can hold violators accountable, with civil and criminal penalties that can impose in the case of violation. The HIPAA legislation was enacted in 1996 and concerned with three basic issues i.e. privacy, security and administrative simplification. Administrative simplification of HIPAA involves a standard for transmission of information regarding diseases, diagnoses and other medical conditions. Its intention is to streamline the administrative and financial aspects of healthcare.

HIPAA-Compliant Messaging Services Market: Drivers and Restraints

Current healthcare communication depends on some disparate solution must be cobbled together to find the needs of different departments and rising concerns of communication workflow in healthcare driving the burgeoning growth of the HIPAA complaint messaging services market. This service used for reminders, staffing, business continuity, and campaigns with multiprotocol communications and also provides enterprise-grade administration, management. Rising security issues in healthcare systems and high demand for encryption standard to secure channels. Along with it, increasing government support and rising healthcare funds, altogether driving the HIPAA complaint messaging services market to new heights. HIPAA compliant messaging services reduces paperwork in the healthcare system and provides information regarding health plan specific reporting, filing requirements for health care system.

Due to the complexity of HIPAA compliant messaging services, the adoption rate is decreasing which is a restraint on the growth. The regulations of HIPAA increased the paperwork burden for doctors considerably, according to the American Medical Association. HIPAA complaining messaging services has spawned a mini-industry of companies and consultants who help medical professionals comply with the law’s lengthy provisions.

HIPAA-Compliant Messaging Services Market: Segmentation, Market Overview, Region-Wise Overview

HIPAA-Compliant Messaging Services Market Segmentation By Based Type – Standalone, Cloud Based; By End User – Hospitals, Clinics, Healthcare Institutions

Global HIPAA-Compliant Messaging Services market has witnessed a robust growth due to increasing adaptation among different segments of end users. The Companies focus is shifting towards innovation to acquire market by the uniqueness of services. Increasing government support for improvement of the healthcare system and rising concerns of healthcare issues are driving the growth of the HIPAA complaining messaging services market. The future of HIPAA-Compliant Messaging Services market anticipated with double CAGR during forecasting period.

Global HIPAA-Compliant Messaging Services market segmented into following regions North America, Latin America, Western Europe, Eastern Europe, Asia-Pacific, Japan and the Middle East and Africa. North Americais dominant in the Global HIPAA-Compliant Messaging Services mainly due to the well-established healthcare system. In North America, particularly USA is dominating due to the high adoption of HIPAA compliant messaging service. Economic conditions in the APAC region are set to drive the HIPAA-Compliant Messaging Services market to new heights. European and APAC are fastest growing region due to increasing government funding for improvement of the healthcare system. Growth in the Middle East and African region is considerably less but still with significant growth due to increased focus on healthcare.

Source

hipaa compliant secure mobile messaging for critical healthcare communication

HIPAA Compliant Secure Mobile Messaging for Critical Healthcare Communication by vectramind on Scribd

how provider communication increases patient secure messages

Providers who want to drive patient engagement through patient portal secure messages may need to step up their own messaging habits, according to a recent study published in the Journal of Medical Internet Research.

Secure messages via the patient portal are one of many reasons why patient portals are lauded as such an integral part of patient engagement. Secure messages help build better patient-provider relationships through more frequent and convenient communication.

“Better patient-provider communication is important because their relationship is at the center of health care service delivery,” said a research team from Army-Baylor University. “A supportive patient-provider relationship has been shown to be associated with many positive outcomes, including increased patient compliance, decreased pain, and shortened recovery periods.”

However, is secure messaging useful for driving patient engagement if neither patients nor providers actively use it?

While secure messaging does offer patients an avenue to ask medical questions and build a relationship with their provider, these efforts are often all for naught. Patient portal and secure messaging benefits can only be realized when patients and providers are both meaningfully using the technology.

Patient portal and secure messaging uptake is low, the Army-Baylor researchers pointed out. One separate study found that secure messaging rates are as low as 10 to 30 percent amongst patient portal adopters.

For its part, CMS has even made patient engagement thresholds easier for the Medicare and Medicaid EHR Incentive Programs. Under Stage 2 Meaningful Use, providers only needed to exchange secure messages with one unique patient.

However, lowering the standard for secure message exchange and patient engagement is likely not the answer, the researchers suggested. Instead, providers must engage their patients using secure messaging. More provider messaging begets more patient messaging, the researchers asserted.

“Patients may lose interest in such resources if providers do not encourage the use of electronic tools or lead by example by becoming active users of the tools themselves,” the research team said.

“Furthermore, the way and degree to which providers generally engage in messaging may represent a marker of the level of approachability that is perceived by their patients during care,” the researchers continued. “Provider receptiveness to communication, an otherwise difficult-to-assess factor, might be indicated by the willingness of patients to initiate secure messages with their clinicians.”

In a retrospective analysis of 81,000 medical records from US army patients, the researchers confirmed that hypothesis.

The team looked at nearly 25 million secure message interactions between army patients and nearly 3,000 clinicians to find that strong clinician interaction via secure message correlated with meaningful patient engagement.

Patients with providers who regularly initiated conversations between patients were 60 percent more likely to regularly utilize secure messaging. Surprisingly, patients with providers who regularly responded to secure messages were 334 percent more likely to initiate a conversation.

Patients were also more likely to engage with secure messages when their providers did the same, potentially because patients perceived certain characteristics from provider messages.

Providers who made personal interactions via secure message functionalities – especially those who offered unique responses to queries – usually put forward a warmer attitude that appeared likely to deliver personalized medicine.

Conversely, clinician-initiated messages might have appeared less personal, more automated, or more like a check-box task, the researchers reasoned.

“We therefore theorize that patients’ willingness to initiate messages may stem from their appreciation of provider traits that, in turn, are associated with the provider’s propensity to robustly engage in different types of secure messaging,” the research team said.

“These traits might be more evident among clinicians who choose to personally respond to patient messages and do so at high rates,” the team continued. “Provider-response messaging may be more influential than provider-initiated messaging because provider-response messaging is likely a more personal type of messaging, tailored to each specific patient’s needs.”

However, the researchers cautioned there could be a flip side to these findings. Patients may become frustrated with providers who exclusively communicate via secure message, eventually perceiving these conversations as impersonal.

“Alternatively, it is possible that patients may initiate messages due to frustration with their ability to communicate with providers because their providers use secure messaging to avoid face-to-face and telephone encounters,” the researchers explained. “Provider messaging use therefore requires substantial further study in order to better understand how providers differ when stratified by secure messaging usage levels and types.”

Ultimately, these findings show a better path forward for meeting patient engagement requirements than lowering thresholds, the researchers asserted.

“Perhaps a more useful approach would be to require that providers demonstrate a minimum level of engagement with secure messaging and to sponsor studies that examine the factors associated with all use levels and types,” the team concluded.

Source

healthcare data storage options: on-premise, cloud and hybrid data storage

Healthcare organizations are challenged with selecting the on-premise or cloud storage solution that best suits their health IT infrastructure.

Healthcare organizations are building their IT infrastructures to be more flexible and scalable to meet the growing data demand. With value-based incentives for data analytics and the increased number of connected medical devices constantly collecting data, organizations are challenged with storing clinical data in a way that is both HIPAA-compliant and easy for authorized users to access.

Traditionally, healthcare organizations have shied away from cloud data storage in favor of on-premise options because of the control IT administrators have over physical datacenters. However, entities are recently more likely to implement cloud storage into their IT infrastructure to some extent because of the reduced maintenance costs and improved HIPAA-compliance.

Cloud data storage options offer a flexible and scalable environment at a lower cost than on-premise deployments, which is appealing to covered entities. Organizations exploring data analytics are expecting their storage requirements to steadily increase as Internet of Things (IoT) and mobile devices collect data that needs to be stored.

One of the biggest data storage challenges healthcare organizations face is how to piece together legacy systems while integrating new systems into the infrastructure. Many entities cannot afford to mass migrate data from one storage system to the other, which is why interoperability between different cloud vendors is necessary for a smooth transition.

Not every healthcare organization will benefit from the same type of data storage, which makes choosing a storage deployment a challenge for any organization. HITInfrastructure.com will discuss the benefits and drawbacks of different storage options and explore the potential of on-premise hosted virtualized storage solutions.

Source

how virtual desktop infrastructure supports patient care

VDI allows clinicians to use technology at the point of care to quickly access EHRs, improving patient care.

Value-based care initiatives have pushed healthcare organizations to embrace more advanced technology as priorities have shifted from security concerns to how to access information securely, quickly, and conveniently.

Virtual desktop infrastructure (VDI) and virtual infrastructure solutions have become more prominent ways for healthcare organizations to consolidate health IT systems and save on infrastructure costs while increasing operational efficiency.

As health IT grows more advanced, patients expect clinicians to use technology that allows them to easily and securely access necessary information.

VDI supported by virtualized infrastructure consolidates processes and allows clinicians and IT administrators to cut down on the time spent logging in or monitoring systems, devices, and applications.

HITInfrastructure will review the basics of VDI, and discuss how some organizations have successfully utilized it to improve workflow and patient care.

Source

network connectivity, storage challenge healthcare push

As organizations adopt the healthcare IoT, significant infrastructure considerations such as network connection and storage need to be addressed.

The growth in value of healthcare Internet of Things (IoT) analytics pressures organizations to examine their IT infrastructures and assess how they can support the influx of healthcare IoT data and device connections.

The healthcare industry is one of the most data intensive verticals using IoT devices. Healthcare organizations are looking to the analytic capabilities of IoT devices to save on overall costs.

IoT devices allow organizations to remotely monitor devices and also collect invaluable data that can be applied to current and future patients, providing otherwise impossible insight into certain conditions.

A Gartner report released late last month stated that analytics enables the most visible impact of the IoT because of the reach it has for analytic possibilities.

“The possibilities for analytics are limitless, and ever-growing data sources present more opportunities to innovate through holding novel insights,” Gartner stated. “But currently, data and analytics leaders should narrow their focus to deriving additional value from the ongoing IoT implementations.”

“Examples are an increase of the equipment life span, asset optimization, predictive maintenance of devices, anomaly detection in the manufacturing processes or finding new product usage patterns.”

Gartner report authors found that the IoT market has no single preferred way to implement analytics capabilities. The report confirmed that organizations take varying approaches to IoT analytics with no approach taking precedence over another in any vertical.

Organizations also often used a mix of methods to collect, process and sort IoT data.

Gartner advised organizations to familiarize themselves with the full range of IoT infrastructure innovations and best practices, and to also remain aware of opportunities, risks, and new technologies and services.

Network connectivity is one of the biggest infrastructure challenges organizations run into when implementing IoT solutions.

Taoglas Co-Founder and Co-CEO Dermot O’Shea told HITInfrastructure.com that medical IoT devices benefit organizations greatly. However, network connectivity can make or break an IoT solution.

“It’s been shown that medical IoT devices save a lot of money because they get people out of the hospital,” O’Shea explained. “If IoT devices can diagnose people in advance then that saves huge costs. We can see nothing but benefits from medical devices being connected. Working with medical device companies brings a much larger delta of savings and benefits than any other vertical.”

Most healthcare organizations use cellular connections over WiFi connections because they are more reliable and don’t have the same lengthy login protocols or physical network restrictions as WiFi.

“Most organizations use cellular because it’s the only reliable way to really communicate with the devices,” O’Shea stated. “If you’re only using WiFi then you’re relying on the user, patient or caregiver to do all the WiFi connectivity in terms of selecting the WiFi network and putting in the password.”

Connected medical devices need to meet certain certifications and a certain level of performance. Each device is tested on how well it sends and receives data. The devices need to be tested on how weak a signal they can give off while still being connected.

Medical IoT devices are often a unique shape and contain other high powered electronics that can interfere with network connectivity.

Ensuring that medical devices are properly equipped with the proper antennas for cellular connectivity is vital for the devices to pass certifications required for healthcare IoT devices.

Organizations need to focus on how they are going to store the IoT data collected for analytics after working through IoT device connectivity.

Healthcare organizations can store collected data on-premises, in the cloud, or a combination of the two. Cloud computing is the preferred method of storage for analytics because many analytic platforms run in a cloud environment.

Cloud storage is also much more affordable at meeting the scale demands of IoT analytics data.

However, healthcare organizations find a certain level of comfort in storing clinical data on-premises. Forward Health Group CTO Jeff Thomas told HITInfrastructure.com that there is a comfort level for organizations in knowing that their data is in their data center.

“They can walk up and touch it, and sometimes it's that emotional comfort factor that has some healthcare organizations leaning toward keeping data in house,” Thomas noted.

On-premises servers offer healthcare organizations more control over their data, but are costly to maintain which is a major reason many organizations are migrating to cloud.

“Cloud solutions are very beneficial from the standpoint that as you migrate data, you don't need to maintain your own datasets which can be costly and expensive,” continued Thomas. “I’m saying costly but maintaining datasets on-site can also be expensive in that it takes up real estate which can sometimes be used for something else.”

Cloud storage also trumps most on-premises solutions by scaling up on-demand rather than having organizations wait for new physical server to arrive and be set up. Organizations only need to pay for the cloud services they are using so they can scale cloud infrastructure down as analytics projects are implemented and completed.

Network connectivity and storage are two of the main infrastructure requirements for a fully supportive IoT analytics deployment. Organizations cannot more forward with IoT analytics incentives without the proper infrastructure solutions and tools to support it.

Source

using enterprise mobility management (EMM) for healthcare data security

Enterprise mobility management (EMM) is vital to healthcare data security as more organizations adopt mobile strategies.

Healthcare is going mobile and clinicians are utilizing more advanced devices as they cut their cords. But as staff members move around more freely, how can providers ensure that their patients’ protected health information (PHI) stays secure?

Protecting those devices – and the data they access – through secure enterprise mobility management tools (EMM) is becoming an increasingly important strategy for organizations.

Enterprise mobility management has matured over the past several years as organizations realize the risks associated with mobile devices, particularly with mobile applications accessing electronic health records and PHI. As security risks surrounding these datasets increase, provider organizations must keep pace with evolving threats.

Healthcare mobility environments are increasingly complex as employees use their own devices to access PHI. Unsecure user devices brought in under BYOD policies and proprietary third party apps leave security holes that hackers will use to bypass network security.

“The healthcare industry is highly targeted from a security perspective,” Travelers VP Chief Underwriting Officer Mike Thoma told HITInfrastructure.com. “The value of healthcare records is so high because there is so much information that can be gleaned from a healthcare record. Addresses, SSNs, payment methods, insurance information as well as the health information of the individual.”

When users access healthcare data on an unsecured device, they are committing a HIPAA violation. An unsecured mobile device that is lost or stolen with PHI on it is a massive security risk to the healthcare organization, and can result in significant fines and a damaged reputation.

Implementing a complete EMM solution is not easy. Some of the top challenges organizations face when deploying and upgrading an EMM solution include the scope and depth of the deployment. EMM solutions need to cover a high volume of devices as well as keep track of information on the device.

IT departments must have a strong mobile management strategy in place not only to ensure that all apps are running correctly, but also to detect abnormal behavior that could be a sign of a potential attack.

To stay on top of the latest exterior and insider threats, healthcare organizations must understand how to deploy a secure yet unobtrusive enterprise mobility management solution.

Source

care collaboration and avoiding hipaa violations

Using technology in medicine can be a double-edged sword. On one hand, it's easier than ever to collaborate on care, log into an Electronic Medical Record (EMR) to quickly find patient information, transmit orders, and send and receive information from colleagues.

However, using that same technology improperly can result in a HIPAA violation, which can result in fines. Just last year, a former nursing home operator was fined $650,000 for a stolen iPhone that contained medical records for more than 400 patients. The theft led investigators to uncover lax mobile device policies related to personal health information (PHI) that likely resulted in a larger award.

It's not just stolen phones that physicians and practices need to worry about. A report from Spyglass Consulting Group shows that 96 percent of physicians use smartphones as their primary device to support clinical communications. Each unencrypted text message, document or photograph that contains PHI is a potential HIPAA violation, subject to a fine between $100 and $50,000 per incident depending on the severity of the violation, up to a yearly maximum of $1.5 million.

Keeping Pace with Technology

Younger workers don't remember a time when they didn't have constant access to a smartphone, so it's no wonder the smartphone is the go-to device. The vulnerability of the devices to theft and HIPAA guidelines that govern protecting PHI while data is at rest, during transmission and at the sender require health providers of all sizes to take definitive steps to safeguard data and devices. Remember, HIPAA also applies to your business associates: other providers, pharmacies, billing companies, labs, imaging centers, and other people and entities that you exchange data with. Any potential HIPAA solution must address the needs of not only you and your staff, but also your business associates.

The Joint Commission allows secure texting, as outlined in an order issued last year. A secure text messaging platform that includes the following must be used:

•Secure sign-on process

•Encrypted messaging

•Delivery and read receipts

•Date and time stamp

•Customized message retention time frames

•Specified contact list for individuals authorized to receive and record orders

But are physicians clear whether texting other providers about a patient from a personal device is secure and HIPAA compliant?

Creating that type of environment is not occurring at a pace that physicians desire, according to the Spyglass Consulting Group survey. Only three in 10 physicians believe hospital IT is making sufficient investment to address the point-of-care mobile computing communication needs for caregivers. Reasons cited include poor mobile EHR tools, lack of planned investments and insufficient mobile user support.

Consider Cloud-based Collaboration

The value of collaboration across the care team has never been higher, necessitating that health systems, imaging centers, and physician practices of all sizes find a solution that works for everyone in the care continuum. This must benefit patients, and cannot run afoul of HIPAA regulations, which are coming under increased scrutiny.

The problem is that cell phones and cellular networks are vulnerable to hacking at nearly every point in the process, so many providers are exploring closed-loop systems such as virtual private networks (VPNs), secure Wi-Fi or, cloud-based solutions. For all but the largest providers, VPNs can be difficult to set up and tricky to operate. A simple malfunction could leave your network exposed to outside threats. VPNs and secure Wi-Fi also require authentication of new users, which makes secure messaging cumbersome and creates more work for IT staff or practice managers.

A better solution may be the cloud where data is maintained and transmitted securely.

A handful of forward thinking secure messaging providers are making it easier for care teams to collaborate in a secure environment and experience the benefits of connected healthcare.

Family physician Tracey Haas of DocbookMD offers a mobile app for both Apple and Android smartphones and tablets that allows physicians to send HIPAA-compliant messages bundled with photos of X-rays, EKGs, photos of wounds, and more, just as if they were sending a text. Another cloud provider HIPAAOFFICE offers an end-to-end suite of office apps that enable providers to connect, create groups, assign and track tasks, send and receive email and text, and share files and calendars in protected HIPAA compliance. Companies like IBM are leading the way, offering enterprise unified endpoint management (UEM) solutions.

Care collaboration is becoming easier and more secure thanks to advanced technologies that allow providers to communicate and share data in a secure environment. The key for providers of all sizes is to make sure their care teams are careful to use the technology that safeguards PHI at every possible point, and in turn, help physicians avoid HIPAA violations.

Terry Douglas has worked directly with over 3,000 medical practices with technology efficiencies and led product and marketing efforts at leading healthcare software companies. Today, Terry is on the executive leadership team at PracticeSuite, and he writes about practical education topics in practice management, electronic health records, and medical practice operations.

Source