SAN FRANCISCO — Hospital caregivers typically bring their own mobile devices to work and use them to share clinical and care coordination information other members of their multidisciplinary care team. It’s a practice that screams “HIPAA violation.”
Much of this information is transmitted via text messages or multimedia SMS. This can even include images.
This might be fine if the messages were transmitted on a Wi-Fi VoIP network within the hospital’s firewall. But this usually isn’t the case. SMS runs on cellular networks like those operated by AT&T and Verizon.
And as Health and Human Services (HHS) CTO Bryan Sivak pointed out here at VentureBeat’s HealthBeat conference in San Francisco, SMS messages typically make several hops when traveling over the cellular network. They might be cached on a local AT&T server or stored for a certain period on the network of a backbone operator like Level 3 Communications.
This is a clear violation of HIPAA. And the Office of Civil Rights (OCR) under the HHS, the office charged with enforcing privacy laws, is said to be getting tougher on HIPAA violations stemming from insecure communications technologies.
Insecure care-coordination communications in the hospital and in other care environments has been the elephant in the room for quite some time, but administrators may soon be forced to deal with it.
And this could create opportunity for startups. CareWeb, a software platform being developed at the University of California San Francisco (UCSF) Medical Center, provides an app that caregivers can use to share care-coordination information with team members.
The app is served from the Salesforce platform and looks like a social networking news feed. Salesforce has signed a business associate agreement with UCSF, making Salesforce responsible for the privacy of the data running through its platform.
HealthBeat is a two-day conference covering how new ways of tracking our personal data can improve our health and health care system.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.