Instant Messaging in Healthcare

Instant messaging technology makes patient care a smoother process.

Healthcare professionals are following today’s trends and using messaging apps on a regular basis when performing their clinical duties. Instant messaging saves a lot of time, since it allows you to:

  • effectively coordinate with your colleagues;
  • get expert opinions quickly;
  • check whether your message has been delivered or read;
  • easily reread the message on the go.

The need for data protection compliance

While instant messaging increases efficiency and mobility, it also radically increases the security risks related to sensitive patient data. As such, security and authorisation requirements make consumer messaging tools a bit controversial within the healthcare environment. Are they compliant with general data protection regulation (GDPR)?

The GDPR is a regulation in EU law that sets out detailed requirements for companies and organizations on collecting, storing and managing personal data.

European Union

Healthcare software evolution in 2020

Development evolves according to needs. Several solutions have already emerged on the market to meet the communication needs of healthcare professionals.

Checklist for a messaging tool specifically designed for clinical use

  1. Security
  2. Authorisation
  3. Integration

Patient data can be at risk at several levels when using instant messaging in clinical services: during transmission, while being stored on servers, and on the sender’s and recipient’s phones. Look for a solution with a high-grade security method protecting sensitive patient data during transmission. Also, ensure that there is an appropriate retention policy in place – messages shouldn’t be permanently stored on the phones; they should be deleted after the patient leaves a ward, or after a certain time period. When necessary, it should be possible for a healthcare organization’s centralised management solution to ultimately erase app or device data.

Favour a solution that utilises existing authorisation, where the permissions access patient data through the EHR. This way, unauthorised users cannot see the clinical data context.

Compared to consumer messaging tools, more value is also gained when the tool can be integrated into the hospital’s EHR system. Integration enhances the chat with clinical content and continuously updates the patient records, instead of ending up with another repository of clinical data.

Read about data protection under the GDPR (EU) >>

Read about NHS instant messaging guidance (UK) >>

Read about HIPAA compliance (US) >>