Healthcare Information Security

Mobile News

Expanding clinical communications: Security decisions

By Patrick Ouellette

- As healthcare organizations continue to move on from pager-based clinical messaging and begin to take advantage of smart phone technology, ensuring staff members are communicating securely remains a high-level priority.

Saint Agnes Hospital, a 264-bed, full-service teaching facility Baltimore, Maryland, has traditionally relied on pagers and operator consoles for clinical communication, but recently chose to expand to Spok’s clinical alerting and secure texting offerings. Paul Donnelly, St. Agnes Director of Safety, Security and Emergency Management, explained to that while St. Agnes previously focused on two-way pagers to secure communication, the ability to facilitate secure texting is an asset to the organization.

Using the application, data is encrypted at rest, with the potential to use a mobile device management (MDM) solution to set a passcode and the application itself may wipe the data inside the app remotely. As for data in transit, it is 256-bit, Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encrypted. And because messages are stored on-site at St. Agnes, the IT department is able to control its own data, which is important to the hospital.

In addition to requiring a user authenticates themselves with name and password, the user needs to be sent a unique invite to gain entry into the St. Agnes directory to communicate with other clinical users.

  • Patient PHI Compromised by Florida Hospital Employees
  • Prevent Healthcare Phishing with Employee Security Training
  • Medical center looks at hybrid cloud options, security needs
  • Letter to CMS Questions Privacy Measures
  • What the CareFirst Data Breach Decision Means for Healthcare
  • Health Data Privacy Not a Concern for Health Tech Consumers
  • Healthcare Organizations Struggle with Vendor IT Security Risks
  • Protecting on-site clinic patient data: CISO perspective
  • Incoming CHIME CEO discusses CIO security role development
  • UVA forms data breach taskforce; IN hospital apologizes for error
  • Experts reflect on healthcare cloud data security, compliance
  • Phishing Hack Breaches PHI of 23,000 Colorado Patients for 3 Months
  • How Automation Aids Data Security, Improves Patient Satisfaction
  • Healthcare Hacking Leading Cause for 2017 Incidents
  • Why Healthcare Secure Messaging, BYOD Should Be Considered
  • VA medical center sends patient data breach letters
  • Healthcare requirements modified in N.Y. and N.J. to meet Hurricane Sandy patients’ needs
  • Healthcare Identity, Access Management Center of Imprivata Deal
  • Expanding mobile health security with secure text messaging
  • How User Training Affects Healthcare Ransomware Preparation
  • Top Tips for Better Healthcare Security in 2015
  • HIE privacy, security best practices: A review
  • MNsure data breach spurs federal, state HIX privacy questions
  • Boston Public Health responds to patient privacy questions
  • Breaking down EHR module security standards
  • Ark. BCBS Sends Data Breach Notification After Computer Theft
  • Learning from the Excellus Data Breach
  • PA health system reports 144-patient data, identity theft
  • How Can Providers Ease Patient Privacy Concerns?
  • Is HIPAA fine money being spent to improve data security?
  • Is Patient Privacy Violated with New Wellness Program Rules?
  • AMIA’s Recent HIPAA Compliance Question: A Legal Perspective
  • Implementing user-focused healthcare security technologies
  • OCR HIPAA Settlement Costs Cornell $125K
  • Reviewing new HITRUST Common Security Framework guidance
  • CMS proposes data breach reporting rules for new HIX
  • Revised NIST Infrastructure Cybersecurity Framework Released
  • DirectTrust Accreditation Agreement with EHNAC Extended
  • AMA primer on patient data encryption: Physician FAQ
  • ONC Releases Educational Videos on HIPAA Rights for Patients
  • How Premier Nephrology Utilizes Secure Messaging
  • Clientless VDI for the next-generation healthcare data center
  • OCR provides short-term HIPAA audit program plan
  • St. Anthony’s nursing home reports 2,600-patient data breach
  • Healthcare Web Application Attacks Increase in Past Year
  • How Can Covered Entities Best Prepare for Ransomware Threats?
  • Healthcare data breach roundup: Nov. 30
  • BIDMC CIO presents healthcare security plan
  • Improving Health Data Security With A ‘Sandbox’ Approach
  • How a healthcare CIO maintains IT security and efficiency
  • Improper Disposal Leads to Potential Healthcare Data Breach
  • How Important is Cybersecurity for Healthcare Organizations?
  • Health Data Breach on Portal Affects 75K People
  • Healthcare Lags Other Industries in Phishing Attack Resiliency Rate
  • 19K Orlando Orthopaedic Patients At Risk from Lax Vendor Security
  • 2.65M Atrium Health Patient Records Breached in Third-Party Vendor Hack
  • Understanding HIPAA Regulations and Mobile Devices
  • Data Privacy Rights Hinder Effective Treatment, Warns AHA
  • IT Worker Uncovers Hospital Pagers with Poor PHI Data Security
  • Healthcare Ransomware, Connected Devices Top Security Issues
  • Rady Children’s Hospital boosts data security training
  • NC DHHS notifies patients of multi-year breach
  • Practice Fusion Health Data Privacy Case Gets FTC Final Order
  • Nearly Half of Surveyed Patients Worried Over PHI Security
  • Reviewing OCR HIPAA Guidance to Maintain Compliance
  • Focusing on Audit Controls to Maintain PHI Security
  • Strong Health Data Security Starts with Employee Education
  • Airway Oxygen Ransomware Attack May Affect PHI of 500K
  • Heartbleed bug lessons learned: Having a remediation plan
  • Primary Health Care PHI Data Security Incident Affects 10K
  • House Committee hears new FTC v. LabMD arguments
  • OIG Finds Information Security Issues with VA Audit Logs
  • Anthem Vendor Reports Potential Data Breach Affecting 18K
  • OIG Notes NC Potential Medicaid Data Security Vulnerabilities
  • Too Few Organizations Implement Data Encryption, Survey Says
  • ONC Workgroup Talks HIPAA Regulations, Interoperability
  • OIG: VA sent unencrypted PII data on a routine basis
  • How Effective is Secure Messaging in Healthcare Communication?
  • ACHC meets full HIPAA, HITECH compliance
  • Federal Sites Lacked Health Data Encryption, Leaked Info
  • Mobile data security remains a Military Health System focus
  • Study: Data breaches cost healthcare providers $1.6 billion
  • Top 10 largest healthcare data breaches in 2012
  • Health Data Breaches Due to Employee Mishandling in OK, CT
  • HHS Final Rule Differs from HIPAA Regulations on Data Sharing
  • Can education fill health cybersecurity professional gaps?
  • Kathryn Marchesini Named New ONC Chief Privacy Officer
  • How Has Medical Device Security Evolved?
  • How Will DeSalvo Nomination Affect Health Privacy, Security?
  • Valparaiso Fire Dept. alerts patients of ADP data breach
  • HSCC Releases Joint Medical Device Security Lifecycle Guidance
  • Former Owensboro medical employee indicted for data breach
  • HITRUST Updates Healthcare Cybersecurity Approach
  • Creating Sensors, Enforcers for Healthcare Network Security
  • RI’s Landmark Medical Center reports laptop theft
  • Smart Wristband Raises Health Data Security, Privacy Concerns
  • Oklahoma Hospital Sued for Alleged HIPAA Violation Over Drowning
  • SPAARx pursues OCR explanation on HIPAA compliance conflicts
  • How to Protect Your Entity from Healthcare Phishing Attacks
  • OHSU alerts patients of Google cloud security concerns
  • Donnelly said that he’s comfortable with the level of security that the Spok application offers. “With respect to secure communication, St. Agnes has a firewall protecting the data as well as device security measures,” he said. “Users can text within the organization’s four walls, but the data remains on the hospital side of the firewall. And we [feel good about] the use SSL technology to secure the data as well.”

    The St. Agnes mobile strategy is currently undergoing a revolution and any staff member who wants use the Spok application to send text messages to fellow clinical staff members on their smart phone can do so. There’s no mandate to use the app, but if they are going to communicate through smart phones, they’ll use the Spok app.


    SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

    HIPAA Compliance
    Data Breaches

    Our privacy policy

    no, thanks

    Continue to site...