Study: Majority of Healthcare Orgs Risk HIPAA Non-Compliance with Consumer Messaging Apps

Nov. 10, 2015
Just 8 percent of healthcare institutions prohibit consumer messaging apps for employee communication, according to a recent study from Chicago-based Infinite Convergence Solutions, Inc.
Just 8 percent of healthcare institutions prohibit consumer messaging apps for employee communication, according to a recent study from Chicago-based Infinite Convergence Solutions, Inc. 
What's more, only one in four healthcare institutions who have an official mobile messaging platform are using an internal, company-authorized app. The rest are recommending or using consumer-facing messaging apps and services that do not provide the enterprise-grade security needed to comply with regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), the research found. 
The study, which surveyed 500 professionals across multiple sectors, also found that employees in the healthcare industry use mobile messaging more frequently than voice calling for their business communication, where they most frequently communicate with colleagues. The immediacy of the information employees need to communicate matters most when they are deciding whether to use phone, email or mobile messaging to reach someone.
However, 51 percent of healthcare employees say their company does not have an official mobile messaging platform, despite the fact that 92 percent of these employees would use a company-wide mobile messaging platform if their employer decided to implement one. Sixty-four percent said it would make communication at their job easier, as well.
Of the 49 percent of healthcare employees who say their employer has an official mobile messaging platform, 16 percent say that platform is GChat and 11 percent say it's WhatsApp. What's more, even without an official mobile messaging platform, healthcare institutions recommend employees use consumer mobile messaging apps. None of these messaging apps or services typically follow HIPAA guidelines for messaging security.
"The global healthcare industry is under strict privacy and security regulations to protect patient information, but our study finds that the vast majority of healthcare institutions are not using mobile messaging services that are compliant with these regulations," Anurag Lal, CEO of Infinite Convergence Solutions, said in a press release statement. "Healthcare employees communicate inherently sensitive information, like patient prescriptions, medical information, etc., yet their employers do not have the proper mobile messaging security infrastructure in place to adhere to HIPAA or other regulatory requirements." 

Sponsored Recommendations

State of the Market: Transforming Healthcare; Strategies for Building a Resilient and Adaptive Workforce

The U.S. healthcare system is facing critical challenges, including workforce shortages, high turnover, and regulatory pressures. This guide highlights the vital role of technology...

How AI-Native Locating Intelligence Revolutionizes the RTLS market

Discover how leveraging an RTLS solution with artificial intelligence as the location engine can increase efficiency, improve safety, and elevate care without the compromises ...

Harnessing the True Power of Cultural, Clinical and Operational Data

Optimize healthcare performance by combining clinical, operational, and cultural insights. A deeper understanding of team factors improves care and resource management.

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...