Healthcare Information Security

Mobile News

Secure Messaging Still Concern for Healthcare Data Security

Nearly 70 percent of surveyed residents prefer SMS messaging because of its convenience, efficiency, and ease of use.

By Sara Heath

The rising prevalence of text messaging between physicians within a practice brings to the forefront questions of health data security and secure messaging devices.

secure direct messaging

To explore these issues, researchers from the University of Chicago performed a study examining residents in healthcare settings and their preferences for inter-facility communication, finding that over half of respondents use text messages because of the convenience.

An interesting dichotomy prompted the researchers queries. Although they pose considerable security threats, and indeed are not HIPAA compliant, short message services (SMS) text messages present an easy and efficient mode of communication. The researchers sought to find out if residents value this efficiency over the potential security threats.

Currently, it is unclear if the millennial generation of residents, who are comfortable with the ubiquity of SMS text messaging and its benefits, share the preceding concerns regarding SMS text messaging and patient confidentiality,” the researchers explained. “Protecting patient confidentiality is a professional responsibility outlined in the ABIM Foundation physician charter on medical professionalism.”

The results show that an overwhelming majority of respondents use SMS text messages for their convenience and efficiency. Nearly 71 percent preferred SMS messaging for overall efficiency, and 80 percent preferred it for its ease of use.

secure direct messaging

That said, respondents generally showed an understanding that SMS messages are not a completely secure method of communication. Only about 20 percent of respondents preferred SMS messaging for its security measures, while 80 percent stated they preferred in-hospital paging for security reasons.

Although respondents stated that they believed alternatives to SMS messaging to be more secure, they still reported having received several pieces of sensitive patient information via text message. This information reportedly included patient names, patient initials, and medical record numbers.

secure messaging

The results of the study show a slight contradiction -- although respondents are aware of and are concerned about health information security issues over SMS messages, they still appear to prefer these methods of communication for inter-facility communication.

The researchers posed one possible explanation for these conclusions.

When looking to communicate with another hospital physician, residents may weigh the benefits and costs of using SMS messages. Due to the pressure residents are under to be a good and effective resident, the researchers said that they may choose efficiency over security.

“Additionally, the pressure to be an efficient resident may cause some residents to utilize SMS text messaging in order to maximize efficiency despite the risks to patient confidentiality,” the researchers explained.

However, the researchers explained that this may be a compromise of physician professionalism as these residents are using non-HIPAA-compliant communication modes.

“However, consequences exist if residents are individually balancing the tradeoff between the benefits of a technology such as SMS text messaging and the security risk it poses to protecting patient information,” the researchers said. “In circumstances in which the use of SMS text messaging threatens confidentiality, it also threatens resident professionalism.”

These results show that there is enormous room for growth in overall education regarding healthcare data security and device security.

“Educators have a responsibility to help residents as frontline patient providers and not leave them isolated or at risk with the use of emerging technology,” the researchers confirmed. “Rather, residents should receive formal education in the standards regarding technology and health care security.”

Although HIPAA does not specifically ban the use of SMS messaging as a communication tool, it does have a standard of setting proper data security standards. The researchers suggest that there is an expectation that professionals will create ways to integrate secure direct messaging into practice while still keeping a high standard of security.

“By not banning specific technologies, these expectations recognize the fact that new technologies can improve the efficiency and quality of care, but they require that providers and health systems together account for the rights of patients to have their information protected,” the researchers concluded. “Additionally, they should also be engaged in finding and promoting technologies within their institutions, such as secure SMS text messaging apps that are both HIPAA compliant as well as efficient and easy to use.”

Image Credits: Prochaska et al.


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks