Healthcare Information Security

Cybersecurity News

Why Saint Mary’s Hospital Opted for Secure Messaging

By Elizabeth Snell

- Waterbury, Conn.-based Saint Mary’s Hospital recently implemented a secure messaging system to improve its overall clinical communications. The facility opted for Imprivata Cortext, which is a HIPAA-verified secure communications platform for smartphones, tablets, and desktops.

Tom Calo, Saint Mary’s technical solutions engineer, and Birgit Koellmer, nurse informaticist at the hospital, spoke with about the recent changes and what it means for Saint Mary’s in the long-term.

The duo agreed that communications have definitely improved and the staff is very pleased with the secure messaging options. In fact, many have said that “it’s the coolest thing ever right now,” according to Koellmer.

How is Saint Mary’s using the secure messaging system?

Calo: We just recently rolled it out and right now, we’re kind of using it just as a general communication tool. It’s the kind of thing where it builds its own workflows as you go, and people are figuring out ways to use it and things like that. We do have a couple of different work flows that we are trying to implement, with nurses contacting physicians, pharmacists contacting physicians, and physician-to-physician.

READ MORE: How Effective is Secure Messaging in Healthcare Communication?

We’re in the initial roll out of it, so every day we’re thinking of different ways they can use it. Just in an overall organization communication tool is what we’re really trying to build it into.

What was your selection process for finding a secure communications solution?

Calo: We did talk to a couple of other vendors. We already were Imprivata One Sign customers, and had been playing around with their Cortext when it first came out, but were just kind of testing it. We realized that it was definitely something we needed to look into. And by walking around, seeing what the employees were doing, we tried to get them to use it in the beginning. Most people weren’t really interested until we really knew there were a couple of people who mentioned they were messaging in a non-secure way that we got our marching orders to go choose a vendor.

Koellmer: We already had a good roll-out with the single sign-on from Imprivata. So we thought having it all in one hand is much better for us than choosing another vendor. We also chose it because we liked that it was specific to healthcare environments.

Calo: Yeah, the value we see with Imprivata is they help you with work flows – the clinical work flows. They know them all, they had them figured out. They helped us and helped us design them. Some of the other vendors, they do healthcare, but they’re more specifically selling licenses and moving on to the next. They don’t really care what industry they’re talking to. Everybody that I speak with at Imprivata understands the healthcare industry.

READ MORE: Provider Secure Messaging May Encourage Patient Communication

How do you see this impacting Saint Mary’s in the short- and long-term as technology continues to evolve and you potentially implement new systems?

Calo: Well in the short-term, I think it’s obviously bringing everybody in the organization to rapidly act on things when something is out there. I’ve been saying that I like this to become the de facto tool of how we communicate: This is where it’s at. This is what’s in effect right here. We don’t want it to be messages that aren’t that important, things like that. If we did want to do a broadcast we’d make sure we want everyone to know this.

In the long-term, I see it being something that is integrated into the entire delivery of healthcare. For example, we have too many EHRs here. We’re a small hospital, but we must have six to eight easily. Some of them are flowing information, some of them aren’t. It can be something that brings it all together.

Koellmer: I also want to mention that we like to see it as an emergency preparedness. For example, if there would be an emergency, or an event going on, we can easily send messages out to the entire organization.

What advice would you give other healthcare organizations that are considering this, but are hesitant for various reasons?

Koellmer: The employees didn’t want to realize it, or they wanted to close their eyes to what was going on. They said “Oh nobody is texting.” But this is blind, because if you walk around in the hospital, you see everybody texting. They used their own phone because they’re used to it, and want to use it in the workplace the same way. So they said, “We don’t allow anything right now.” And whenever somebody came around, they tossed it in their pockets.

We were seeing that. And if organizations say it’s not happening in their work place, they really need to open their eyes a little bit more and look closer to what’s going on in their organization. And you don’t want that patient information outside of your organization — you want to keep it within.

We said, “We want to provide a tool so they can do what they do at home and everywhere else.” We just didn’t want to say, “We’re shutting it off totally. Leave your cell phones at the door.” We wanted to provide a communication tool for them. We wanted to make them more aware that this is still happening, and people are doing it even if you say that. So just provide staff the correct tools to do it correctly.

Calo: Yeah, you definitely have to have that more modern thinking towards security. Our security teams kind of had their head in the sand in the beginning. They were saying that they weren’t just turning their head away, they were banning it. You can’t just ban something. Today’s information technology is user-focused and user-centric, and you have to do what the users want because no matter what you do — and if you tell them what they can’t do — they’re still going to do it.

We’re still struggling with this. I feel like you have to come to an agreement with the end-user. Say, “We’re not going to stop you from texting, but we want to give you the right tool.” That was the problem that we had.

We ended up getting it the way we needed, but we struggled in the beginning. It was a matter of not having everyone up to speed at the right time about how we have to do. There’s no more fighting with the end-users.

Any other general advice or tips for facilities implementing secure messaging?

Calo: Again, working with the users from the very beginning will make a big difference. We had a lot of people that were against it like you wouldn’t believe. And they’ve come full circle now. They’re the ones promoting it.

Koellmer: Actually, we have very good feedback from our users. They think “it’s the coolest thing ever right now.” We put so many medical records on them, and electronic records on them. Every month there is something new for employees to have to learn. And it’s a struggle. But this is something that’s easy for everybody to use. And it’s easy to learn, not something you struggle with.

Calo: This was the first time IT did something cool that employees really liked. We were pretty lucky to be able to work with Imprivata; both of the modules we purchased. Those were the cool things that everybody is loving.


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...