Providers are on the Prowl for Secure Texting

03.05.12 In the News

By: Jennifer Dennard | February 13, 2013 (Featured on Healthcare IT News)

During my last visit to the dentist, my dental hygienist lamented to me that whenever she has young children in her chair, she can barely make eye contact with them or engage them in conversation because of their constant texting. I’m lucky in that my hygienist is a real chatterbox, so we spent five minutes or so having a very one-sided conversation (typical for a dental appointment, I assume) about how technology like texting – and the fact that nearly everyone has the capability on their phones – is affecting people’s social skills.

One part of our population that isn’t taking advantage of this technology to the degree that they should be is physicians, which strikes me as terribly behind the times. If kids  – current patients and future healthcare workers – today are texting as a primary form of communication, they will expect to be able to do so professionally in the very near future.

Now as we’ve all been made aware, non-secure texting between providers leaves information within those exchanges wide open during a potential breach of private health information. And HIPAA concerns abound. We’ve also heard stories of providers that disregard these concerns, texting private patient health information to colleagues on unsecured devices because it is the quickest way to get that information from point A to point B.

So, like most things in healthcare, it seems we’re going to need vendors to step up to the plate and offer a solution that providers will embrace, and we’ll need those same providers to develop protective strategies around use of such devices. I decided to poke around and see if there was anyone doing this right now, and came across a company called TigerText – a company that provides secure, HIPAA-compliant, mobile messaging.

I chatted via email with Jeffrey Evans and Brad Brooks to learn more about the technology, and the future of texting in healthcare.

Many healthcare organizations admit they do nothing to protect data on mobile devices, and even fewer use encryption. Why do you think this is? Was the technology not available before now? Were there too many types of devices? Did hospitals just have bigger priorities?
JE and BB: The shift from storing and transmitting health information data within the controlled confines of an office or hospital-based paper system to an electronic, digital data-to-mobile device system happened very quickly, so hospitals are behind the curve when it comes to properly securing the flow of this information.

When you think about how quickly this shift occurred, it’s useful to think in terms of the smart phone. Even three years ago, people weren’t constantly connected. People, especially physicians, weren’t texting all the time as a form of transmitting information, and they weren’t walking around with mini computers at the touch of a hand like they are today. Hospitals need to figure out a way to use this connectivity to benefit patients and improve overall care, but they also need to control it simultaneously. This shift happened so quickly, that many healthcare organizations simply buried their head in the sands, and resigned on finding a solution, which is why you see such high numbers in terms of failing to secure these devices.

Can you give me an example of a legal case that resulted from non-secure texting between providers?  What impact did it have on their facility and patient(s)?
JE and BB: We aren’t aware of any lawsuits based on non-secure texting, but HIPAA violations, which can carry civil penalties, are happening all the time: Breaches of protected health information (PHI) increased 525 percent in 2011, and 39 percent of PHI breaches have come on laptops and other mobile devices since 2009, according to a recent analysis of federal data. Breaches from mobile devices are likely to increase rapidly as more and more organizations adopt a bring-your-own-device approach to smartphones and tablets. Hospitals also risk their accreditation status with the Joint Commission, which announced last fall that transmitting PHI over unsecured texting channels was “not acceptable.” Additionally, the federal Department of Health and Human Services is now auditing mobile device compliance in its latest round of HIPAA audits that began this quarter.

Brad, how did you go from overseeing children’s media to an interest in technology and healthcare?
BB: A personal passion for technology and a family background in medicine led me to co-found TigerText. Prior to co-founding the company, I served as President at DIC Entertainment, a children’s branded media company, where I honed an interest in the ability to use mobile technology and the Internet for connecting people and organizations. In my role there, I helped launch first-of-a-kind, virtual “kids-only” worlds for the brands DIC worked with, positioning the company as a leader in online outreach and technology.

As the son and brother of physicians, I’ve always been keenly aware of the nature of healthcare delivery and the frustrations from a provider side. When the idea for TigerText first came up, I ran the idea past my brother [a physician who now serves as an advisor to the company], and his enthusiasm encouraged Jeffrey and me that we were on to something. My family of physicians helped me understand early on that this was a good disruptive change.

Mobile health is obviously a big part of the healthcare market right now, and seems to be key to newer coordinated care models and patient-centered medical homes. How does TigerText plan to evolve as the industry adjusts to new technologies, Meaningful Use deadlines, Accountable Care Organizations, etc.
JE and BB: TigerText’s goal is to be the best, most efficient messaging platform for the healthcare industry. To do that, we understand that we have to adapt and evolve as the industry and regulations governing it evolve. As it exists today, TigerText’s system is based on open APIs that can integrate easily with most systems that are moving healthcare information – desktops, smartphones, tablets, etc. Nurses typically aren’t carrying smartphones, so TigerText allows them to send and receive communications with physicians from a PC to the physician’s mobile device in a secure platform.

As the industry adapts to new technologies, new EHR criteria and new delivery models, TigerText can play a role. Our essential service allows hospitals and physician groups to create their own private, HIPAA-compliant mobile messaging network for physicians, nurses and administrators across platforms, including new technology. As care delivery and payment systems are redesigned, clinicians will have to work smarter and more efficiently, and TigerText helps them do that. TigerText is continuously looking to evolve and improve our business model and platform.

What has been the most popular feature of TigerText messaging, according to your customers?
JE and BB: The ability to see when a message has been received and then read is the feature that physicians and nurses have found the most useful. If a nurse pages a physician, it could take hours to hear back or even know that the physician has received the message. But with TigerText, nurses can see instantly if a physician has received and read the message or whether they should move on and ask another physician on-call.

What do you expect to talk with attendees about at HIMSS? Are you hoping to dispel the notion that texting is a no-go for providers, based on the Joint Commission’s announcement last fall that it is not an acceptable form of communication amongst providers?
JE and BB: We agree that mobile messaging through the unsecured, unencrypted SMS channel found on nearly all cellphones is a no-go for providers. However, hospital administrators should not cover their eyes to what is happening. Physicians and nurses are using SMS because it is acting like an efficient priority channel to exchange a lot of necessary communication during the course of a day. The time has come for hospitals and healthcare enterprises to embrace the smartphone devices their caregivers are bringing into the hospital by giving them a secure channel to communicate via text. By doing this, hospitals will actually lower costs, improve patient safety through better communication and improve caregiver satisfaction by lowering frustrating wait times.

We saw that physicians and nurses were using this inappropriate channel because they needed that speed to do their jobs. We provide them with mobile messaging, including text, images and documents that give them the speed and urgency of the common texting channel but on a secured and HIPAA-compliant platform. Our platform gives health care enterprises ultimate control over the messages they and their employees send, with features such as: Self-Deleting Messages (both on sender and receiver handsets), Message Recall and Forward Lock.