1 Way to Secure Physician Text Messages
It was with an element of nostalgia that I read the post 7 ways to secure physician text messages. Why Nostalgia I hear you ask? Well I’ll tell you. From 1995 until 2001 I worked in the Anti-virus industry. It was very different in those days. Viruses were written in bedrooms by kids, not by organized crime groups, No-one had anti-virus on their home computers and the AV updates were sent out monthly or quarterly on floppy disks. There was no such thing as a zero day exploit.
Here’s the nostalgia bit. In my early time there, we gave very sensible advice to try to prevent viruses from infecting people’s machines. Don’t leave a floppy disk in the disk drive when you reboot. Don’t click on executable files that aren’t from a trusted source. Have a machine with up-to-date (see above for what up-to-date meant) AV and scan any files or disks that you receive before putting them in your own machine. Don’t click on word documents from an untrusted source.
All great advice, but not by any means water tight in terms of your security policy. The only way to stand a chance of protecting yourself was to take any responsibility away from the user to do anything at all, and give them a tool that handled everything necessary behind the scenes. Install anti-virus. The rest of the advice went away.
The 7 steps outlined in this post sounded just like the advice we used to give. While useful, it’s far from fool proof and unfortunately, not a water tight way of protecting yourself from potential HIPAA violations.
So my advice, if you are concerned by the HIPAA ramifications of physicians using text messaging to communicate patient information would be to skip the futility of the first 6 ways and move straight to a secure messaging solution designed to be secure, and designed specifically for healthcare, and designed by a trusted healthcare security provider.
If you’d like to have a say in what such a solution would look like, you can apply to the Imprivata Cortext Beta program here