Implementing Secure Healthcare Communications

We live in an era of remarkable advances in medicine and clinical treatments. Ruptured brain aneurysms can be repaired through catheters that are routed through arteries without ever opening the skull. Tumors in locations that are inoperable can be obliterated with gamma knife technologies. We have therapeutic drugs to treat conditions like AIDS that were considered a death sentence just a few years ago. COVID vaccines were developed in record time that are nearly 100% effective in preventing hospitalization and death.

With all of the incredible developments in healthcare and healthcare outcomes, why does the technology that handles patient records and personal health information seem to lag so far behind these other advances?

In particular, the way that sensitive patient information is moved from one location to another uses an obsolete, many decades old technology that most of us are very familiar with – the FAX machine.

Using Obsolete Tools

Providers and practitioners have been using laptops, tablets, scanners, and copiers to enter and transmit data for many years. Yet the FAX machine continues to persist as the chief channel for the transmission of medical data, despite being insecure and vulnerable to hacking and other security risks

Seema Verma, the chief administrator of the Centers for Medicare & Medicaid Services, stated that healthcare providers were stuck in a 30-year-old technology feedback loop. “Medical staff are manually entering results into EHRs, and hospitals are handing out data on CD’s while the rest of the world is functioning on fully digitized, integrated data that informs decision-making instantaneously,” Verma said. She was calling for an end to FAX communications in the healthcare industry by 2022.

So here we are, most of the way through 2021, and FAX is still the predominant way that medical information is moved from Point A to Point B. But some promising advances are beginning to get a foothold.

The answer is Direct Secure Messaging (DSM) technology. Providers need to be able to consult with each other and transmit important, life-saving patient information quickly and securely. But many secure channels are slow, cumbersome, and non-intuitive. Hence, many clinicians resort to short-cuts and work-arounds such as using their own tablets and smartphones, and insecure methodologies like their personal email accounts and text messaging to make these timely and essential data connections. It’s very much like the old saying that when your only tool is a hammer, everything looks like a nail.

How Does Direct Secure Messaging Help?

What can healthcare providers do solve this problem of not having an easy-to-use communication tool that is convenient and HIPAA-compliant? The short answer is to use Direct Secure Messaging technology. And now is the time to put it into action.

During the COVID pandemic, the Office for Civil Rights (OCR) has temporarily suspended financial penalties for healthcare organizations that are not compliant with HIPAA and other patient information protections. And while this has removed much of the pressure that healthcare providers had been under to beef up security around patient health information, the OCR still expects compliance. And even when the negative sanctions of fines are removed, that doesn’t have any impact whatsoever on security breaches and ransomware attacks.

Data breaches between 2009 and 2019 have resulted in the loss or compromise of more than 230 million patient records, which is equivalent to the exposure of medical data for nearly 80% of the adult population of the US. Hospitals and large health networks are increasingly being targeted for ransomware attacks, which puts these providers under extreme pressure to deal with both hackers and the COVID pandemic at the same time.

Direct Secure Messaging technology provides the HIPAA compliance, security, and convenience that patients and regulators demand, and practitioners need. Thousands of healthcare organizations nationwide now communicate with other providers and practices by routing their emails and communications between Health Internet Service Providers (HISP’s) using Direct Secure Messaging. DirectTrust, the industry group that helped develop DSM, use of the DSM technology is increasing every year. There were nearly 170 million transactions in 2017; however, there were over 140 million transactions in Q1 of 2020 alone. This suggests a growth figure of over 300% year over year.

Rapid Growth of DSM Technology

That magnitude of growth is expected to continue and increase over the next five years for several reasons.

First of all, most healthcare organizations receive funds from reimbursement programs that are administered by the Centers for Medicare and Medicaid Services (CMS), and federal rules dictate that these providers use systems that can send DSM’s.

DSM also allows medical providers to authenticate a variety of different users into their network environments and enable secure messaging and communications across many different provider types. This level of integration allows for secure transmission of patient data both inside and outside of the healthcare ecosystem.

DSM provides better secure access to communication records and audit trails, which will help providers identify and separate those messages containing PHI and assist in resolving clinical workflow bottlenecks as well as other potential pathways to eliminate data breaches and malware injections.

IT managers should make sure that any DSM platform includes tools to monitor and validate who transmitted what and when they did it, with all data being encrypted while in transit and while not moving between systems. These transmissions records should be collected as a part of a patient’s overall PHI along with the appropriate medical document retention policies. These systems should integrate with any practice management system, and EMR vendors should be able to bake these privacy protocols into their software solutions.

Finally, as the healthcare industry continues to evolve in the face of the COVID-19 pandemic by implementing more telehealth visits and fewer in-office examinations, there is a need for fast, reliable, and safe transmission of patient data.

Why DSM Is More Secure?

Unlike regular email services such as Gmail or Outlook, providers using a HISP have DSM email addresses that follow a standard format. If one provider needs to send patient records to another doctor, the first provider simply uploads the data to a HISP, which securely transmits the data and messages to the second doctor. Providers don’t have to understand the technology behind these secure transmissions. With DSM in place and HISP to HISP connectivity, doctors just have to concern themselves with providing high-quality care and treatment to their patients. And they can share PHI with confidence, knowing these communications are as secure as they can possibly be.

In Closing…

The need for Direct Secure Messaging in healthcare settings continues to grow as a function of the need for doctors and other providers to transmit PHI quickly, securely, and easily.

DSM improves and accelerates clinical data workflows and increases overall patient throughput, reduces the potential for errors, increases patient satisfaction, improves patient outcomes, and significantly reduce costs. It also ensures HIPAA compliance, increases data security, and reduces patient information breaches. It can also improve outcomes and reduce the costs of recovering from ransomware attacks.

If you would like to meet with one of our healthcare security experts to learn more about the advantages of Direct Secure Messaging, click here and complete our contact form.

October 18th 2021