If your hospital has delayed replacing pagers with a secure communication platform, recent reports of security breaches indicate that the time to act is now. Last week’s story in the Kansas City Star, “Does your hospital still use pagers? Your personal information may be at risk,” is the latest warning of security breaches at hospitals across the country due to physicians’ use of pagers to exchange protected health information (PHI).
The story points out that many hospitals using pagers “are still sending information over open radio waves that could include a patient’s name, date of birth and medical diagnosis. Those transmissions can be intercepted using free computer software and an antenna that costs less than $30, equipment often used by radio or tech hobbyists.” The revelation came from an IT worker who purchased an antenna to receive TV channels on his laptop. Instead, he was startled to see messages from local hospitals to physicians, including personal information from hundreds of patient visits.
Even more startling was a 2016 project by an artist and programmer illustrating how all pager messages in a certain city could be intercepted and forwarded to another pager. As part of an art installation, he displayed three pagers and printed message after message of sensitive patient information to illustrate how an outdated technology can be easily exploited.
By contrast, Voalte Platform includes vital features and tools to keep PHI safe. “Texting applications must encrypt all data that could potentially contain PHI both in transit and at rest,” explains Phil Fibiger, Voalte VP of Engineering. “That means data is safe both while traversing the Internet at the public access points your providers might be using, and on your caregivers’ smartphones. In addition to encryption, you need software and policies that allow you to enforce flexible mobile device management (MDM) and PIN lock solutions for handling lost or stolen provider smartphones.”
When these safeguards are not in place, violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, which protects medical records and other personal health information, represent a threat not only to patients but also to hospitals. Just last week, an administrative law judge slapped a $4.3 million penalty on University of Texas MD Anderson Cancer Center for failing to encrypt mobile devices (in this case, laptop computers and USB drives) containing PHI. The ruling represents the fourth-largest amount ever in a settlement involving HIPAA violations.
To avoid these implications and protect your patients’ privacy, now is the time to replace your pagers with a secure communication platform.
Naila Maroon is Marketing Communications Director at Voalte.