Healthcare Information Security

Mobile News

Expanding clinical communications: Security decisions

By Patrick Ouellette

- As healthcare organizations continue to move on from pager-based clinical messaging and begin to take advantage of smart phone technology, ensuring staff members are communicating securely remains a high-level priority.

Saint Agnes Hospital, a 264-bed, full-service teaching facility Baltimore, Maryland, has traditionally relied on pagers and operator consoles for clinical communication, but recently chose to expand to Spok’s clinical alerting and secure texting offerings. Paul Donnelly, St. Agnes Director of Safety, Security and Emergency Management, explained to HealthITSecurity.com that while St. Agnes previously focused on two-way pagers to secure communication, the ability to facilitate secure texting is an asset to the organization.

Using the application, data is encrypted at rest, with the potential to use a mobile device management (MDM) solution to set a passcode and the application itself may wipe the data inside the app remotely. As for data in transit, it is 256-bit, Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encrypted. And because messages are stored on-site at St. Agnes, the IT department is able to control its own data, which is important to the hospital.

In addition to requiring a user authenticates themselves with name and password, the user needs to be sent a unique invite to gain entry into the St. Agnes directory to communicate with other clinical users.

  • ONC Reiterates Healthcare Data Privacy, Security Need in PMI
  • FTC Report Calls for Better Privacy and Security Practices
  • Banner Health Data Breach Affects 3.7M Records
  • Health security officer: Data security the key, not devices
  • Advocate Medical Group endures massive data breach
  • OCR provides new security auditing enforcement plans
  • Healthcare Leads in Cloud Security Adoption, Says Survey
  • Saint Thomas Health Data Breach from Misplaced Documents
  • Health Data Breaches From Theft, Improper Disposal
  • Mitigating common healthcare cloud IT security issues
  • NY Subcontractor Causes Healthcare Data Breach
  • FDA Drafts Health Data Sharing Guidance for Medical Devices
  • Health Data Breaches Lead to Lawsuits for Florida Hospital
  • Should a Health Information Exchange Be Opt-In or Opt-Out?
  • NIST provides incident response recommendations
  • Public Server Exposure Creates PHI Data Security Worries for 200K
  • ONC outreach will help shape HIE security in 2014
  • Report Shows Medicare Healthcare Data Security Gaps
  • Latest Round of OCR HIPAA Audits Not a Reason for Panic
  • HIPAA checklist
  • Stage 3 Meaningful Use: Breaking Down HIPAA Rules
  • Employees file class suit against UPMC following data breach
  • InterAct of Michigan Phishing Attack Exposes PHI on 1,290 People
  • Jackson Health System mum on recent data breach
  • RECNH Director talks privacy and security best practices
  • PPR asks ONC to review patient identity matching privacy
  • Managing, provisioning internal healthcare applications
  • HIPAA Technical Safeguards: A Basic Review
  • FTC Wants Expanded Authority in Data Security, Privacy
  • Healthcare BYOD, mobile cloud security restrictions
  • Cybersecurity, Medical Device Security Key HIMSS16 Issues
  • Deploying virtual security appliances in a healthcare setting
  • Steps To Address Human Element Of Healthcare Data Security
  • HIMSS survey: Mobile health security remains chief concern
  • United HomeCare Services informs patients of data breach
  • Health Plan Victims of Healthcare Data Breaches Surge 1,000%
  • Healthcare CIO’s top IT security technology concentrations
  • Partners HealthCare CISO, CIO Q&A: Security threat awareness
  • University of Florida alerts pediatric patients of data breach
  • Cybersecurity Vulnerabilities Flagged in Roche Handheld Devices
  • HIMSS Calls for Secure Data Exchange, HHS Cybersecurity Role
  • Citrix, VMware offer software assisting HIPAA compliance
  • VA Reports Decrease in July PHI Data Breach Notifications
  • NIST sends out Preliminary Cybersecurity Framework RFC
  • AHIMA Director discusses HIPAA omnibus privacy practices
  • Healthcare BYOD security: Using new management technologies
  • Prevent Healthcare Phishing with Employee Security Training
  • Provisioning users with healthcare IAM dashboards
  • How Much Do Healthcare Data Breaches Cost Organizations?
  • Meaningful Use Secure Messaging Increases, Says HIMSS Survey
  • NSF Funds $10M Grant for Mobile Health Security Research
  • Virtua To Pay NJ $418,000 for HIPAA Violation
  • Homeland Security Issues Ransomware Alert for Networked Systems
  • CISOs Stockpile Cryptocurrency in Case of Ransomware Attack
  • Is HIPAA too open for interpretation when assessing risk?
  • Meaningful use security considerations for a healthcare CISO
  • HHS proposes new data breach reporting rules for FFEs
  • Attorneys General Stress Need for State Data Breach Laws
  • AHMC Healthcare reports 729,000-patient data breach
  • CMS offers new HIPAA Administrative Simplification FAQs
  • Healthcare IoT Security Market Set to Grow Next 5 Years
  • NIST Aims to Help Small Business Cybersecurity Measures Improve
  • San Antonio laptop with child vaccination records stolen
  • GAO rounds up VA cybersecurity shortcomings, needs
  • 10 security tips for adapting to healthcare BYOD
  • Healthcare Ransomware, Medical Device Security Key 2018 Trends
  • Verizon provides patient data security advice
  • OCR readies pre-audit survey for HIPAA covered entities, BAs
  • Hurley Medical Center notifies employees of data breach
  • Education, Planning Critical in Ransomware Preparation
  • ISMA Data Breach Reportedly from IT Head’s Stolen Devices
  • Budget is Largest Health Data Security Obstacle, Says Survey
  • HIPAA Rules to be Clearer for mHealth, Says HHS Leader
  • How Important is Cybersecurity for Healthcare Organizations?
  • How End-Point Evolution Will Impact Healthcare Data Security
  • AHA Calls for Strong Healthcare Cybersecurity Measures
  • Hope Family Health reports 8,000-patient data breach
  • Auditors find 250 unencrypted University of Iowa Hospital laptops
  • Cyber Attack, Stolen Patient Records Equal Security Breaches
  • How Secure Messaging Can Produce Unseen Benefits
  • 3 Ways All-Flash Could Benefit Your Healthcare Data Security
  • GAO: CMS must boost HealthCare.gov privacy and security controls
  • Overseeing healthcare mergers from a security perspective
  • Thoma Bravo Set to Acquire Imprivata for $544M
  • How EHR system gaps impact pediatricians, patient privacy
  • Where do ACOs fit into the HIPAA compliance landscape?
  • Applying US-CERT IoT Security Best Practices to Healthcare
  • Is the HIPAA Security Rule Doing Enough for Healthcare?
  • Healthcare CISO education program focuses on risk management
  • Healthcare Cybersecurity Threats Require HHS Bill of Materials
  • HHS amends CLIA regulations to allow direct patient access
  • Mitigating Risk for Stronger Healthcare Cybersecurity
  • FBI Ransomware Warning Crucial for Healthcare Cybersecurity
  • Identifying the Challenges to Securing Patient Data
  • How Implementing Secure Messaging Can Benefit Facilities
  • Healthcare Data Privacy, Security Knowledge in IG Can Improve
  • HIPAA requires providers using Skype to have BAAs
  • Apple bars HealthKit developers from selling health data
  • DHS Must Sustain Stronger Federal Cybersecurity Measures Push
  • Smiths Medical Releases Firmware Update for Medical Device Security
  • Donnelly said that he’s comfortable with the level of security that the Spok application offers. “With respect to secure communication, St. Agnes has a firewall protecting the data as well as device security measures,” he said. “Users can text within the organization’s four walls, but the data remains on the hospital side of the firewall. And we [feel good about] the use SSL technology to secure the data as well.”

    The St. Agnes mobile strategy is currently undergoing a revolution and any staff member who wants use the Spok application to send text messages to fellow clinical staff members on their smart phone can do so. There’s no mandate to use the app, but if they are going to communicate through smart phones, they’ll use the Spok app.

    X

    SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

    HIPAA Compliance
    BYOD
    Cybersecurity
    Data Breaches
    Ransomware

    Our privacy policy


    no, thanks

    Continue to site...