Communication is Hot!

The Centers for Medicare and Medicaid (CMS) announced today that HIPAA compliant text messaging is a viable way for healthcare professionals to send patient information. But the key is that its done with a secure messaging infrastructure. Universally available solutions like SMS (text) or WhatsApp are not in compliance with this.

Why did CMS feel the need to rule on this?

Because text, WhatsApp, and other generally available messaging solutions are widely used in healthcare. In fact, they are pervasive. The reason is simple; we're all used to using them in our daily lives, and they're right there on our phones or computers.

They also don't run into the barriers created by the communication tools approved by our organizations create like messaging within the EHR (EMR), patient portals, email, or even Slack when care givers try to communicate outside their own organizations. For example, a hospital's discharge coordinator trying to message a family member or the community pharmacist may not be able to use the messaging in the EHR or email if they don't have their email address. So they grab the phone and find they need to leave a voice-mail message.

Texting or searching for these people on WhatsApp or even Facebook and communicating there is simple enough. And its done every day. But its not secure and confidential. And so CMS felt the need to issue a ruling on doing so.

Now consider a recent publication from McKnights entitled "FINANCIAL HEALTH = RESTRUCTURING + MARGIN IMPROVEMENT Financial and operational transformation paves the road to recovery in a stressed environment" (1) (2)

This document highlights that in post-acute care settings financial survival is largely dependent on quality and efficiency, and that in turn is based on good processes and procedures. A quote from the document:

"Many equate quality with a number of staff rather than asking 'Are our processes and procedures as great as they can be?'"

One of the often-overlooked processes within healthcare that directly contribute to inefficiency, quality issues, and even burn-out amongst staff is communication. Staff gravitate towards and choose to use unsecure communication methods because they simply want to serve patients in the most expeditious way possible. And when the team of caregivers moves beyond a single, monolithic organization as they certainly do in post-acute care the communication challenges - particularly if they are to be compliant with HIPAA and CMS' ruling - become even more challenging.

That said, healthcare organizations should be careful not to jump to communication tools that simply meet with CMS' guidance in terms of being secure. Instead they should also be looking at those tools in terms of supporting and even driving efficiency of the care team and the organization as a whole. Among other attributes this means considering more than whether or not the solution encrypts information end-to-end. It considers whether the communication is organized in a patient-centric way so as to ease members of the care team in their contextualizing the information. It might include the use of algorithms to escalate information or direct information to specific members of the care team based on the situation. It most assuredly recognizes that the care team will be dynamic and variable for each patient, and it makes it easy to add and remove members of that team - including family and friends of the patient - without added burden or cost.

Finding the balance between security and efficiency can be a challenge. But getting it wrong in either direction can be catastrophic to an organization.

(1) Note: Registration may be required to obtain a copy

(2) Sponsored by Plant Moran Wealth Management