How a Health System Enhanced Clinical Communication Security with PerfectServe
TABLE OF CONTENTS
Healthcare leaders are more concerned than ever about the security of clinical communication in their organizations. A number of well publicized cyber breaches and related settlements, the enhanced HIPAA enforcement environment, and a simultaneous increase in the use of asynchronous electronic communication in the clinical environment—specifically text messaging—have made the issue top of mind for many leaders. They’re concerned about the potential dangers of the transmission of protected health information (PHI) without adequate safeguards, the risk of privacy and security breaches that may result in adverse legal and financial consequences, and the loss of patient trust and reputation in the marketplace.
The uptick in the use of text messaging for clinical communication in the past decade has resulted in a greater focus on the security of text messages sent via mobile devices. While secure text messaging is an important aspect of clinical communication security, simply addressing the security of text messaging leaves organizations vulnerable to breaches in other modes of communication, such as voice messages and texts sent from mobile carrier websites, web based paging applications, call centers, answering services, and hospital switchboards.
PerfectServe is a cloud-based clinical communication platform that stores data on a secure server rather than on individual devices, which helps to maintain the security of messages sent via the system— regardless of communication channel. This success story outlines how one health system implemented PerfectServe to address their need for a secure, comprehensive clinical communication system.
According to the HIPAA privacy officer for the health system, the need to address the security of clinical communication became increasingly clear over time. “It became apparent in the few years before we adopted PerfectServe that more physicians wanted to communicate with other caregivers by electronic means,” he said. Physicians within the system found the communication process inefficient and cumbersome when they needed to contact another physician after a consultation or after test results were posted to the EHR—for example, when a consultant wanted to quickly report their findings to a primary care physician. According to the officer, the physicians “were specifically asking about text messaging from their mobile phones.”
In one instance, the health system experienced the loss of a portable device. After the loss, the organization thoroughly solidified its security processes, including the training of physicians and other staff about the need to ensure that PHI is communicated in an encrypted manner across secure networks. Because of this attention, physicians were cognizant of the security requirements, but they still struggled to communicate clinical information in a manner that was both secure and efficient. “Our physicians were aware of the need to send encrypted messages and were looking for a way to do this safely,” the officer said.
The health system originally implemented PerfectServe to facilitate communication between the system’s staff and individual physicians. They later added a PerfectServe module that enabled secure, direct communication between physicians. The calling physician could then access PerfectServe via smartphone or by dialing a tollfree number, which bypassed answering services, front office staff, and switchboards to quickly contact colleagues for real-time discussions about patient care issues. If the receiving physician was unavailable, the calling physician could leave a secure, HIPAA-compliant voice message, which the recipient would either receive immediately or at a predefined future time. According to the officer, the implementation process went smoothly:
“Once the physicians realized how easy it was to use PerfectServe, they began signing up to access the application— more than 1,000 physicians have signed on for the voluntary service. Adoption at all five hospitals has been more rapid than expected. Physician leaders at our hospitals have been happy with PerfectServe and have been really helpful in getting the message out to other physicians.”
– HIPAA Privacy Officer
Since implementation of PerfectServe, the privacy officer says he’s seen a major reduction in physician frustration related to clinical communication. He has also found that implementation alleviated a major area of personal concern for him.
“My goal is to make patient information as secure as possible,” he said. “What keeps me up at night is portable devices—they’re prevalent, and it’s really difficult to make sure that all devices on our campus are secure. PerfectServe helped address this worry.”
He also believes that implementing PerfectServe provided the organization with a market advantage. “We want to make practicing at our organization as easy as possible. Having a common communication system between all of our hospitals makes it more convenient for physicians to care for their patients at the hospitals within our organization.”
Compliance with HIPAA privacy and security regulations remains a priority for healthcare organizations everywhere. The persistent use of text messaging among and between clinicians highlights the importance of a secure clinical communication platform that covers all users, modes, and locations. This health system implemented PerfectServe to successfully streamline communication between physicians and to ensure a secure environment for the efficient exchange of PHI and other vital clinical information.