Implementing Secure Messaging in Healthcare: Best Practices and Solutions

Patient data is at the core of any digitised healthcare system. Through it, researchers and doctors can develop a deeper understanding of causes and risks in certain conditions, improve treatments, and develop new ways to prevent disease.

But if medical records fall into the wrong hands, they can be used for identity fraud or to jeopardize patient security in myriad other ways.

Modern-day patients are looking forward to mobile solutions: more than half of all US physicians already offer in-app appointment bookings, and more often than not, these apps feature messaging functionality.

In a 2017 Patient-Provider Relationship Study, the majority of participants indicated a preference for mobile-based channels of communication with doctors. Already in 2014, 57 per cent of physicians electronically shared health information with patients and 26 per cent shared data with other providers.

Besides messaging programs connecting patients and doctors, there are channels for physician-to-physician communication and data exchange between doctors and labs. In each case, the issue of protecting valuable data is a stumbling block.

We have an in-depth understanding of these issues. MadAppGang have worked on several health applications including Secure My Health, a prescription tracking app. We also developed Strongbox, a chat app and an SDK that delivers a securely encrypted communication system.

With intensive digitalisation and the adoption of electronic health records – promoted at the national level, for instance, by the US HITECH Act – the question of security looms large. Let’s reveal what secure messaging in healthcare is and how mobile messaging is handled in current solutions.

Secure Messaging for Healthcare and National Regulations

Firstly, any medical app, whether it has a messaging feature or not, is subject to governmental regulations. We described major regulatory practices in the USA, Australia, and Europe in our post on healthcare app compliance.

Regulatory bodies set the framework of what can be defined as patient information and secure messaging. For example, HIPAA encryption requirements specify how data transmission is managed in compliant messaging platforms.

In the US, the Centers for Medicare & Medicaid Services (CMS) set new standards for healthcare messaging in 2017. According to CMS, patient data exchange between healthcare professionals is permissible only through a secure platform, while texting medical reports is prohibited regardless of platform. It’s also advised to use Computerized Provider Order Entry (CPOE) systems to enter and send treatment instructions.

In Australia, the Australian Digital Health Agency has a Secure Messaging Program dedicated to provider-to-provider messaging. The program aims at the creation of implementable and interoperable solutions for document exchange and clinical workflow management.

Ensuring Personal Device Security

There’s another challenge when addressing security risks: if a healthcare institution has a secure messaging program, it doesn’t guarantee that every worker will adopt it and abandon less secure practices.

There’s a myth that prohibiting personal device use will ensure secure messaging, but the fact is that BYOD is a part of healthcare that’s unlikely to change. This is why any secure healthcare messaging app should have specific protection measures while displaying and storing any information on a device.

A regulatory requirement stipulates the ability to remotely delete messages with sensitive information from a device. The system should work in such a way that if a hospital employee resigns or has their phone lost or stolen, all messages containing protected health information should be erased, leaving the rest of the data in place. There are two options for that: use the platform’s own instruments (like Find My on Apple devices) or implement the Sesame algorithm. With remote access to all devices involved in communication, companies can mark stolen devices in the system and they won’t be able to send or receive any data.

There are common practices that ensure the security of messaging applications:

Previously, data exchange between healthcare workers and patients was performed via pagers, fax machines, and hospital pages. These technologies are inconvenient and mostly obsolete. Modern healthcare facilities are striving for intuitive and secure data transmission.

Let’s see which technologies are currently used for messaging and which are the most secure.

Emails and SMSs

Emails and SMSs, though still used in the industry, are recognised as unsafe and vulnerable to data leakage. They allow unauthorised access to information, and such messages can be intercepted if devices are connected to unsecured networks or accessed on a lost device.

What is required for a HIPAA compliant email? Monitoring how personal health information is communicated and protecting it from unauthorised access.

Instant Messaging

Instant messaging offers the obvious benefit of speed and is widely used by healthcare professionals. A record 97 per cent of respondents in a 2017 survey admitted sending patient information on WhatsApp.

Instant messaging programs are not a safe choice for a number of reasons: messages can be intercepted over unsecured Wi-Fi networks, information can be vulnerable because of BYOD policies, and there’s no clear ownership of the data people exchange via such messengers.

What Communication Methods are Permitted in Healthcare?

Regulatory bodies don’t forbid emails, SMS, and other instant messaging services but they set certain rules: assign a unique login username and PIN for each user, prevent unauthorized access with an automatic logoff feature, and encrypt data attachments. Fines for violating security measures can reach up to $1.5 million.

Even though these communication means are permitted under certain regulations, regulatory authorities recommend applying secure messaging systems instead of SMS, email, or IM.

Making a mobile app specifically for provider communication or implementing messaging into healthcare apps is the most secure and efficient way forward. Moreover, a custom app can be integrated into identity management systems for employees such as ActiveDirectory or Okta, which simplifies control over access to data.

Even if popular third-party messengers provided top-quality encryption, it’s still better to have separate secure messaging solutions for healthcare.

There are several medical data types (basic patient information and lab results) which should be seamlessly integrated into a healthcare app. For doctor-patient applications, it’s a good idea to implement messaging and scheduling, while an app for a specific hospital should probably have a feed with important news, a map of the facility and so on.

We described the essential features of different medical solutions in our post on healthcare app development. Here’s what a healthcare chat app should have:

There are several ready-to-use chat solutions like Firebase, Layer, or PubNub. However, they are a bad choice for secure healthcare messaging apps for the following reasons:

• Shared storages
• No individual message encryption
• No means to control backup encryption
• No ability to adjust message storage timeframes
• No tools to identify data leakage
• Data encryption on the server-side is limited
• You can’t use the latest cryptographic libraries because the service isn’t updated fast
• Control over access levels is limited
• Integration with user databases is limited
• If the servers are located in the US, which is usually the case, there can be significant delays in other countries
• All data is owned by the platform and not you
• Media file exchange is limited
• You can’t use your own SSL certificates or client or server certificate pinning

Signal Provides a Secure Communication Platform

MadAppGang developed Strongbox, a highly secure team messenger. In Strongbox, we used Signal, which has the following benefits:

• Point-to-point encryption
• XEdDSA and VXEdDSA signature schemes
• X3DH protocol for confidential key exchange between two parties
• Double Ratchet algorithm for exchanging encrypted messages based on a shared secret key generated by the X3DH protocol, with each new message being secured by a separate key
• Sesame algorithm for confidential communication on multiple devices
• No central encryption server, which makes it impossible to hack the whole system
• Due to its open-source nature, every company can conduct its audit

There are many messaging platforms developed for healthcare teams. Here are some examples:

• A web-based client, Voalte is designed to facilitate team communication with secure messaging.
• Vocera offers text and voice communication and is accessible on a range of devices.
• Medixnote provides a messaging app for enterprise healthcare.
• The Silio app is designed for medical teams to coordinate patient care and discuss difficult cases. All data is protected accordingly to the standards set by GDPR, e‑Privacy, and the NHS.
• A messenger app for doctors, Doc Halo, has grown into the first cloud-based clinical communication platform. Halo Communications combines text and voice communication with scheduling features and alarms.
• Similarly, TigerText messenger became TigerConnect, a platform that develops solutions for different healthcare professionals and organisations. Its messaging capabilities are certified for data security by HITRUST.
• In the UK, the messenger Forward is gaining momentum. Built according to NHS regulations, it offers an app for medical professionals and organisations with two-factor authentication and secure server storage.
• MedX provides secure messaging with end-to-end encryption for doctors in Australia.
• An Australian communication platform myBeepr features group messaging, secure attachments, and various integrations.

The Interoperability Challenge

While these solutions are helpful in terms of streamlining communication workflows and protecting patient data, the market is segmented and data interoperability remains a pressing issue.

Interoperability means healthcare workers that use different messaging platforms can't interpret data from one another. A cycle of treatment can require one patient to visit several professionals, which makes it crucial to have a unified data exchange channel.

Healthcare facilities need to adopt interoperability in tandem with secure messaging.

Since healthcare requires multiple interactions on a daily basis, and some with pressing time concerns, secure messaging is fundamental.

To prevent medical data from being stolen and used for the wrong purpose, healthcare providers should implement messaging solutions strictly compliant with national regulations and test regularly for potential breaches.

It’s essential that patient data is protected but healthcare cybersecurity measures shouldn’t affect the workforce’s efficiency. Messaging platforms and apps have to be helpful. They need to improve clinical decisions not generate delays and communication inconsistencies.

Several studies have shown that patients benefit from patient-to-physician communication tools. Patients engaged in ongoing communication with doctors were more involved in their care and more likely to remain healthy.

Secure messaging has an important role to play in today’s healthcare industry, so long as the messenger is built with a full awareness of industry demands and the inherent vulnerabilities in existing systems.

If you're looking at building a secure, compliant messaging platform, talk to our experts today.

10 February 2020