Some Physicians Get Personally Identifiable Information Via Texts Every Day

A new survey has concluded that despite efforts to better protect patient data privacy, a substantial number of providers are still getting unsecured messages that contain patient information.

The survey, which was performed by Black Book Market Research, analyze replies from 770 hospital-based users and 1279 physician practices. Researchers looked at how care teams were retaining secure communications.

The market research firm found that 30% of respondents received texts that included individually identifiable data every day. This result should curdle the blood of healthcare cybersecurity experts since I’m pretty sure most of these patients haven’t agreed to these unsecured texts.

However, both hospitals and physicians are pressing forward with platforms that protect patient data while linking teams together. The vast majority of respondents (94% of physicians and 90% of hospitals) told Black Book that mobile technology, in particular, could improve patient safety and outcomes.

The majority of respondents (85% of hospitals and 80% of physician practices) reported that they were committed to investing in secure communications platforms capable of tying together care teams, patients and families. And they’re in a hurry. In fact, 96% of hospitals expected to budget for or invest in comprehensive clinical indication platforms before the close of 2018.

That being said, 63% of study respondents said they were finding it difficult to get mobile technology buy-in from colleagues. Actually, that’s not too surprising. If you ask physicians to switch from an easy-to-use, effective tool like texting to an unknown communications platform, they’re likely to resist. They probably understand intellectually why using secure, collaboration-friendly software is a good idea, but the truth is that these platforms might disrupt physicians’ routines substantially.

Meanwhile, 90% of hospitals and 77% of physician practices that participated in the survey said they were using intrusion detection systems and secure email. However, this news isn’t that encouraging, as the majority of existing physician portals already offer secure email, and intrusion detection systems are pretty much a given by current standards.

The truth is, with healthcare data growing more valuable than ever and the threat landscape expanding rapidly, both hospitals and medical practices will need to step up their game substantially if they want to avoid security breaches. Investing in secure communications platforms is good, but it only addresses part of their security problems.

Over the long haul, both hospitals and doctors will have to get better at protecting both their mobile and enterprise data assets. There are good reasons to focus on secure mobile communications now, but providers can’t let it distract them from enterprise-wide security problems.


About the author

Anne Zieger

Anne Zieger

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.