Page 22 - Part 1 Navigating Electronic Media in a Healthcare Setting
P. 22
SVMIC Navigating Electronic Media in a Healthcare Setting
enjoy the same speed and convenience as SMS or IM text
messaging but are unable to send messages containing PHI
outside of the communications network, copy and paste encrypted
data or save data to an external hard drive. Should there be a
period of inactivity on the app, the user is automatically logged out.
All activity on the communications network is monitored to ensure
100 percent message accountability and to prevent texting in
violation of HIPAA. If a mobile device that has a secure messaging
app is lost or stolen, administrators have the ability to remotely
wipe all content received or created on the app and PIN-lock it to
prevent further use. These solutions are typically utilized in large
practices, clinics and hospital systems where smart phones, other
mobile devices or secure apps are provided to the practitioners to
ensure all are on the same secure network for texting.
2
Another texting issue involves messages that are stored in the
cloud. For example, if the recipient shares the same cloud with
family members, there may be a breach of the Security Rule
because other family members have access to the PHI. Additional
issues arise when using cloud storage as the use may trigger a
business associate’s relationship, thereby requiring a BAA be
executed.
A final problem with texting in the healthcare setting is that there is
often an informality or lack of professionalism in the message
communicated. This is a trap that can easily be avoided but is
often not. Let’s take a look at the following case:
2 (https://www.hipaajournal.com/texting-violation-hipaa/)
Page | 22
