Healthcare Information Security

Mobile News

Expanding clinical communications: Security decisions

By Patrick Ouellette

- As healthcare organizations continue to move on from pager-based clinical messaging and begin to take advantage of smart phone technology, ensuring staff members are communicating securely remains a high-level priority.

Saint Agnes Hospital, a 264-bed, full-service teaching facility Baltimore, Maryland, has traditionally relied on pagers and operator consoles for clinical communication, but recently chose to expand to Spok’s clinical alerting and secure texting offerings. Paul Donnelly, St. Agnes Director of Safety, Security and Emergency Management, explained to that while St. Agnes previously focused on two-way pagers to secure communication, the ability to facilitate secure texting is an asset to the organization.

Using the application, data is encrypted at rest, with the potential to use a mobile device management (MDM) solution to set a passcode and the application itself may wipe the data inside the app remotely. As for data in transit, it is 256-bit, Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encrypted. And because messages are stored on-site at St. Agnes, the IT department is able to control its own data, which is important to the hospital.

In addition to requiring a user authenticates themselves with name and password, the user needs to be sent a unique invite to gain entry into the St. Agnes directory to communicate with other clinical users.

  • Data Breaches Lead to Growing Health Data Security Market
  • Securing healthcare endpoints with thin, virtual technologies
  • Symantec wants role in healthcare identity federation future
  • Ensuring HIPAA compliance among inpatient, outpatient docs
  • CMS Stresses Security in Healthcare Texting Clarification
  • Securing patient data at the file level to thwart hackers
  • AMIA’s Recent HIPAA Compliance Question: A Legal Perspective
  • Nebraska doctor’s office notifies 2,125 patients of breach
  • OCR releases Prime Healthcare data breach resolution
  • KPMG Stage 2 Meaningful Use poll finds security concerns
  • UPMC Health Data Breach Lawsuit Dismissed
  • How Do HIPAA Rules, Patient Privacy Apply in Emergencies?
  • What Will the Upcoming OCR HIPAA Audits Entail?
  • Does Healthcare Security Interfere with Clinical Workflow?
  • Troy Medical Center patient data thief receives prison sentence
  • Update on Apria Healthcare health data breach
  • MA Data Breach Reporting Tool Aids in Notification Process
  • Factoring trust, BAAs into health cloud security decisions
  • Multnomah County Health Department Suffers PHI Breach
  • HIMSS13 healthcare security vendor trends: Cloud and BYOD
  • Majority of Healthcare Data Breaches Caused by Cyberattacks
  • Westcoast Children’s Clinic faxes PHI to unintended recipient
  • Information Sharing Key in Improving Healthcare Cybersecurity
  • NIST Cybersecurity Framework Updates, Clarification Underway
  • HRSA Data Security Controls Need Improvement, Says OIG
  • Oregon Health and Science University reports data breach
  • How Healthcare Orgs Can Implement Strong End-User Security
  • Farzad Mostashari implores healthcare security innovation
  • Omnicell health data breach details emerge
  • Alabama DPH sends 500+ patient data breach notices
  • Survey: HIPAA fines, not data safety top reason for compliance
  • Stolen, Unencrypted Drive Causes Data Security Concern for 15K
  • Top Tips on Healthcare BYOD Best Practices, Mobile Security
  • NIST Cybersecurity Included in Latest HITRUST CSF Version
  • Report: Healthcare Security Incidents 3 Times More Likely
  • DHS Releases Internet of Things Security Principles
  • Senator Urges HHS to Create Healthcare Cybersecurity Law
  • Potential Health Data Breach for Hawaii Office
  • Premera Data Breach Leads to Lawsuits, Lawmaker Concern
  • HITRUST Updates Healthcare Cybersecurity Approach
  • One Year after Data Breach, FDA System Still Vulnerable
  • What Are the Legal Concerns in a HIPAA Risk Assessment?
  • Business associates prepare for HIPAA omnibus compliance
  • HHS mobile security questions for end users
  • Kromtech Security Discovers Health Data Breach of 150K Patients
  • Aligning healthcare management, staff to strengthen security
  • Phishing Scams: HIPAA Technical or Administrative Safeguard?
  • Child and Family Services reports patient data breach
  • HIPAA requirements: Covered entities, PHI de-identification
  • Phishing Attacks Top Data Security Motivator, Says HIMSS
  • Health Data Privacy Concerns Arise with Precision Medicine
  • FDA Drafts Health Data Sharing Guidance for Medical Devices
  • HIPAA Violation Leads to Probation for Radiologist
  • Breaking Down PHI Security Breaches and Their Impact
  • Professional Dermatology Ransomware Attack Affects 13K
  • Hawai‘i DOH reveals potential mental health data breach
  • EHRA: National patient identity matching strategy needed
  • St. Charles Privacy Incident Leads to DA Criminal Investigation
  • Healthcare Information Sharing Need Stressed in Recent Hearing
  • NCCIC Cautions Multiple Sectors of Recent Malware Threats
  • Six Ways to Stay HIPAA Compliant and Keep PHI Safe
  • Indiana University Health notifies patients of data breach
  • Valley View Hospital virus breach affects 5,400 patients
  • How Do HIPAA Regulations Apply After Death?
  • Health Data Privacy Discussed in ONC Blockchain Proposal
  • PHI of 4.7K Ohio Patients Affected by Unauthorized EHR Access
  • OCR still seeking feedback from 115 HIPAA covered entities
  • How will Box HIPAA compliance factor into healthcare BYOD?
  • Taking charge of HIE and EHR security in legal agreements
  • Lessons Learned from 2015 Healthcare Data Breaches
  • AHA Supports Secure Messaging Modifications in MU Program
  • Where is the Greatest Health Data Breach Risk for Providers?
  • Five healthcare CISO priorities for a secure environment
  • Independence Care System revises data security procedures
  • Data Breach News: Cone Health Mailing Error; New Calif. Law
  • Fine-tuning your healthcare SaaS security approach
  • ONC Urges Mobile Application Security, Regulatory Adherence
  • Understanding, Preparing for Healthcare Ransomware Attacks
  • Healthcare System Break-Ins Result in Potential PHI Breaches
  • Healthcare mobile security vendor arms race heats up
  • Employees file class suit against UPMC following data breach
  • HIE organizations discuss non-targeted query practices
  • WEDI Outlines Tips for Improving Healthcare Cybersecurity
  • Mobile Healthcare Security Critical as Technology Evolves
  • Cornerstone Neurology data breach affects 548 patients
  • Are HIPAA Regulations the Best Answer for Patient Privacy?
  • Survey reveals healthcare data security priorities, concerns
  • Methods to becoming a HIPAA business associate
  • Brushing up on patient credit card data protection laws
  • BYOD security in a healthcare setting: Best practices
  • Cyber Attack, Stolen Patient Records Equal Security Breaches
  • Secure Texting Ban Reinstated, Commission Calls for Guidance
  • Lawsuit Claims Facebook Compromises Patient Privacy
  • Patient identity matching: Addressing privacy questions
  • Attorney tips for healthcare BYOD
  • Top 10 Healthcare Data Breaches of 2015
  • OCR Reiterates HIPAA Guidance for Opioid Crisis Response
  • BYOD creating security risks for healthcare facilities
  • PA Security Breach from Missing External Hard Drive Affects 4.1K
  • US Reports North Korea Caused WannaCry Ransomware Attack
  • Donnelly said that he’s comfortable with the level of security that the Spok application offers. “With respect to secure communication, St. Agnes has a firewall protecting the data as well as device security measures,” he said. “Users can text within the organization’s four walls, but the data remains on the hospital side of the firewall. And we [feel good about] the use SSL technology to secure the data as well.”

    The St. Agnes mobile strategy is currently undergoing a revolution and any staff member who wants use the Spok application to send text messages to fellow clinical staff members on their smart phone can do so. There’s no mandate to use the app, but if they are going to communicate through smart phones, they’ll use the Spok app.


    SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

    HIPAA Compliance
    Data Breaches

    Our privacy policy

    no, thanks