HipLink Blog

search

HipLink Insights

Welcome to our Blog! Please join the conversation with the latest company news and industry trends!

Subscribe to this list via RSS Blog posts tagged in HIPAA

Posted by on in Blog
Benefits of HIPAA Compliant Mobile Chat

 

HIPAA compliance sets the standard for protection of patient health information ensuring security standards are followed. Provisions for patient privacy and security are necessary in all steps of patient care. Hospitals must balance the need for HIPAA compliance with a requirement for continuous communication between clinicians which can be time-consuming and frustrating. Whether it is between a physician and a nurse or an EMT and an emergency room trauma team, it is crucial that communication be not only immediate, but also secure. With HipLink Mobile, you can send HIPAA compliant text messages to all medical personnel. It dramatically improves the speed and security of communication. Here are some benefits of HipLink Mobile’s HIPAA compliant chat application.

Secure Messaging

Medical clinicians and personnel must be extremely cautious with sharing unsecure patient information even with their coworkers. HipLink Mobile allows providers to send HIPAA compliant text messages with full protection of any PHI. All messages are encrypted at the highest level for full HIPAA compliance while allowing for open communication between users.

HipLink Mobile’s text messaging app uses the highest level of data encryption security both in transit and at rest. The “single session” handshake process in the encryption means the key is constantly changing. This short "time to live" makes cracking the encryption almost impossible. Doctors, nurses, EMTs, and other medical personnel can rest assured that the data they are sending is secure. Thus, HipLink Mobile’s text messages can be used to send ePHI that can include patient identifiers, diagnosis, and history as well as current status without any worry of HIPAA violations. Any attachments sent over HipLink Mobile are also encrypted.  

Easy to Use

Not only is the HipLink Mobile App text messaging feature protected and secure, but it is also simple to use. It works on both Wi-Fi and cellular networks to ensure no gaps in service. Personnel can easily respond to messages via a one-click message response feature. Distinct alert tones make it easy to know when a message is received. Group messages are also simple to send and allow all members of a care team to receive the necessary information with features for automatic escalation.

Remote Device Management

An added safety feature and benefit of HipLink secure messaging is the remote device management capabilities of the application. This allows an administrator to do things like enforce general policy, disable access, or delete data. This feature further increases HIPAA compliance and patient security.

HipLink Mobile’s secure messaging app provides medical professionals with a secure way to integrate HIPAA compliant text messages into their communication system and workflow. Improvements are quickly noticed with the speed and reliability of communication. Contact HipLink today to learn more about How HipLink Software empowers healthcare organizations with a reliable, complete communication platform.

 

Tagged in: HIPAA HIPAA Compliance
Hits: 717
0

Posted by on in Blog
Keeping PHI Secure to Avoid HIPAA Data Breaches

 

In this rapidly advancing technological world, an increasing number of healthcare providers are incorporating electronic health record (EHR) technology. In addition, they are also connecting to health information exchanges more frequently, making patient health information (PHI) more susceptible to online security threats as well as possible HIPAA data breaches.

 

The convenience of PHI being more accessible to providers also carries the risk of being more accessible to hackers and unauthorized users.   Effectively monitoring and managing potential risk is imperative for a healthcare organization.  Risk assessments play a key role in staying HIPAA compliant.  Mobile devices and ransomware threats are examples of why healthcare providers need to be prudent in their risk analyses.  The slightest oversight or lapse could lead to a HIPAA data breach as well as a lengthy, expensive recovery course.

 

What Is a HIPAA Data Breach

 

Per the U.S. Department of Health and Human Services (HHS), a data breach is the forbidden use or disclosure of PHI under the Privacy Rule that jeopardizes the security or privacy of patients.  For example, if a nurse’s assistant is a friend of patient Jane Doe and posts on social media that Jane Doe’s health condition is worsening, this is a HIPAA breach.  Another type of data breach is unencrypted data being lost or stolen due to using backup tapes for data archival. Portable devices that are unencrypted or not properly safeguarded by passwords, personal identification numbers, or other security measures, pose a much greater risk of a data breach. 

 

There are three exceptions to the HHS Privacy Breach.  First, if a healthcare worker unintentionally acquires the use of PHI while acting under authority of the covered healthcare organization, this is an exception. Secondly, inadvertently sharing PHI with another person who has authorized access to PHI is not a breach.  For example, John Doe is a patient at XYZ Hospital.  Dr. Smith is his cardiologist and Dr. Jones is his nephrologist.  To properly coordinate a heart and kidney care plan of treatment for Mr. Doe, Drs. Smith and Jones are allowed to share PHI pertaining to the patient.  Lastly, if a healthcare organization believes that the person to whom the PHI disclosure was made is unable to retain the information, this is also not considered a data breach. 

 

Understanding HIPAA data breaches and the exceptions to the rule provides healthcare organizations the information they need to formulate extensive data security plans to keep PHI safe and secure.  One of the easiest ways to prevent an employee data breach is by training, documenting, and monitoring employee adherence to security policies and procedures. In addition to training your own employees, remember to be vigilant when checking your business associates’ compliance to ensure their employees have been trained.

 

Ransomware Attacks – Are They HIPAA Data Breaches

 

Whether or not a ransomware attack is a HIPAA data breach is determined on a case-by-case basis.  To put it somewhat simply, if electronic protected health information (ePHI) is encrypted as a result of a ransomware attack, it is considered a HIPAA data breach because the PHI was able to be accessed.  Therefore, it is a disclosure that is not permitted under the HIPAA Privacy Rule. 

 

On the other hand, if the ePHI encrypted in a ransomware attack was already encrypted in alignment with HIPAA regulations, it may or may not be considered a breach.  Each situation is treated uniquely.  The HHS Office of Civil Rights states, “If the electronic PHI (ePHI) is encrypted by the entity in a manner consistent with the Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals such that it is no longer ‘unsecured PHI,’ then the entity is not required to conduct a risk assessment to determine if there is a low probability of compromise, and breach notification is not required.”

 

Ensuring PHI Protection

 

The HHS PHI Privacy Rule protects all individually identifiable health information held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral. 

 

In order to determine the best security measures, a healthcare organization must consider its size, capabilities, and complexity.  Furthermore, the technical hardware and software infrastructure must be evaluated as well as the expense of security measures.  Last, but certainly not least, every healthcare organization must scrutinize the likelihood and possible consequences of plausible risks to ePHI.

 

To protect ePHI, it is imperative that healthcare organizations keep all security measures up-to-date, confirm compliance with state and local laws, as well as HIPAA compliance.  There are several ways ePHI security can be compromised, and that is why facilities have to be cautious and able to adjust security measures when necessary. 

 

HipLink offers real-time secure messaging for Apple or Android devices. The user can send secure text messages, encrypted for HIPAA compliance from a desktop or smartphone.  For more information, contact us at 408-399-6120.  

Hits: 3962
0
Recent comment in this post - Show all comments
  • anonymous
    anonymous says #
    GOOD POST
Transforming Healthcare with Mobile Health Technology

 

Mobile health technology is transforming the entire healthcare system. The combination of innovative data analytics and mobile technologies are simplifying the methods used by healthcare professionals from the patient care experience to healthcare administration.

 

Healthcare providers faced obstacles with mobile health technology lacking essential protective measures as they relate to shared patient information, ensuring conformity of mobile devices with EMRs, and concluding which apps were the safest and most effective.  Today, the efficacy of mobile health technology has proven successful.  With access to a fully optimized, real-time, reliable mobile health app, healthcare providers have immediate access to vital information and the ability to share it with other pertinent team members. 

 

The Future Is Now

 

The 2015 HIMSS Mobile Technology Study consisted of 238 respondents who suggested that healthcare organizations are widely beginning to deploy mobile technologies with the aim of engaging patients within their organizations. Importantly, many of the respondents cited a need to fully optimize and leverage the diverse capabilities offered by mobile technology and platforms.  For example, almost 90% of respondents reported maintaining mobile devices to engage patients at their organizations. In addition, 47% of respondents indicated that implementing mobile services for access to information is a high priority in the future.

 

The prevalence of mobile technology in the health care industry is rapidly increasing as programs and applications for smartphones and tablets have progressively advanced. Mobile health technology (commonly referred to as mHealth) possesses the capability to improve patient care and boost efficiency of the staff and procedures.

 

In order to successfully incorporate mobile health technology into an organization, healthcare administrators must ensure that the app meets certain criteria:

 

1.    Does it offer timely and immediate access to information, whenever and wherever?

2.    Is it able to perform multiple tasks efficiently without having to switch from app-to-app?

3.    Is it organized to provide current, accurate, unbiased, relevant, and essential content during moments of care?

4.    Does it allow healthcare providers to receive and review the information they need, when and how they need it?

5.    Does it seamlessly connect with EMR (or EHR)?

6.    Does it help healthcare providers be more productive in and out of the office?

 

By using a mobile device to input data and update patient charts, a healthcare provider is able to spend more time with the patient and less time on the computer. 

 

Secure Text Messaging

 

Secure Text Message (STM) is used for securely sending and receiving texts and picture messages with an assortment of other mobile devices and workstations in a HIPAA-compliant manner.  Secure text messages are encrypted while being transmitted to meet the protection requirements PHI (Patient Health Information). 

 

By implementing an STM app, a healthcare team can communicate with colleagues in real time to rapidly address the needs of a patient.  Speeding up the process of ordering tests, lab results, and medications, affords the healthcare provider more time for more patients. 

 

HipLink offers an outstanding secure text messaging platform that works in real-time on Apple or Android phones.  The user can send secure text messages, encrypted for HIPAA compliance for both messages and attachments from a desktop computer and directly from the phone. HipLink Mobile provides a highly reliable and secure text messaging system.  Even if a user is not logged in, HipLink will alert the user and give them the option to login quickly. The sender will know the status of the message in all cases, whether it is pending, delivered, when it is read, and any responses – either phone-to-phone or desktop-to-phone.

 

By using Transport Layer Security (TLS), HipLink ensures the confidentiality of messages at the highest level of HIPAA compliance.  A very distinct feature HipLink has developed is a “single session” handshake process.  With this method, the TLS encryption key is constantly changing for each and every communications session between the HipLink server and the device.  This makes cracking the encryption virtually impossible as the key is constantly regenerating with each communication. 

 

Additional Features

 

HipLink also offers several other standard and advanced features with the Secure Text Messaging app.  Some of these features include:

 

  • Use message templates to promptly compose new messages and spend less time typing
  • Control your status by toggling between the “available” and “not available” mode
  • Quickly silence or mute all pre-defined alert setting for all severities to vibrate
  • Attach location coordinates
  • Execute pre-programmed custom commands and templates
  • Full administration and management controls
  • Draft messages, set Favorites, define alert tones
  • Streamlined workflows offer efficient functionality for all tasks

 

 

By incorporating HipLink mobile health technology into a healthcare organization, not only does the organization operate more effectively and efficiently, the satisfaction, engagement, and care of patients is vastly improved.  For more information about our mobile health technology including HIPAA Compliant Text Messaging, visit HipLink or call 1-800-524-7503.  

Hits: 4744
0

Posted by on in Blog
Secure, Reliable Messaging and Ransomware

How do you keep your communication flow during a cyber attack? The recent cyber attacks in hospitals are raising many questions about safety and security within many organizations.

CNN just recently reported that Ransomware is growing and that the FBI received 2,453 complaints about Ransomware hold-ups last year, costing the victims more than $24 million dollars”. CSO Online reported that incident response teams are dealing with 3-4 Ransomware incidents weekly. They also report that ransom requests have increased considerably and that in many cases the cost of recovery is so extreme that the only valid option is to consider payment.

Criminals sneak in through various techniques such as “man in the middle” attacks, lock the system and demand a ransom to unlock it. They rely on Bitcoins (XBT) since those are difficult to trace to actual people. Many of these hackers have offshore accounts and the chances of actually getting your money back or catching someone a world away” is highly unlikely.

At HipLink we feel that the best solution is to minimize your attack surface and implement a communications platform with the ability to manage and secure your communications from end-to-end should one take place.  Our focus is to provide our customers with a complete solution for managing these requirements. Our business model has always been to build a strong communications hub with several layers of redundancy to minimize a central point of failure or compromise. This means that we do not put all of our eggs into one basket. We look at the big picture and we understand that implementation needs to be dynamic and offer seamless alternate ways to notify staff using automated intelligence.

Many of HipLink’s customers have remote and on-premise servers that communicate with HipLink and act as a back-up communication platform in case of an emergency that may compromise any of the mission critical systems running each day. HipLink’s ability to accommodate strategic communication pathways on behalf of both employees and infrastructure separate our systems from others, making them popular in many of the world’s most advanced data centers.

Our flexibility within a wide range of verticals allows us to place ourselves in a unique position that accommodates a broad range of communication requirements. This position not only improves daily workflow efficiency but can help save critical data and in many environments, lives.

   

Hits: 4783
0
Recent comment in this post - Show all comments
  • Wendy H.
    Wendy H. says #
    Great blog- thanks for posting. Really enjoyed reading it.
HipLink Wins Large Hospital Group in Competitive Runoff


When Catholic Health Initiatives (CHI) created its secure communications strategy, the leaders of the national, nonprofit health system knew they needed a comprehensive technology solution. They also knew it would be a challenge to find that solution. In HipLink, CHI found a partner that could take on that challenge and help it realize the benefits of cutting-edge mobile health communications.

CHI is a national nonprofit health system with headquarters in Englewood, Colorado. CHI operates in 17 states and includes 86 hospitals and 40 long-term care facilities. With total annual revenues of more than $10.7 billion and approximately 83,000 employees, CHI ranks as the nation’s second-largest faith-based health system.

Hits: 6517
0