Today, email is universally used for both professional and personal reasons to communicate and exchange information quickly and effectively. It is safely assumed that email can be used to connect with almost anyone that can be considered a friend, colleague or even an acquaintance. The asynchronous nature of email makes the medium a reliable method for efficiently interacting online. As a result, a majority of business communication is solely handled through email because it is effective and easy to use, and research shows that users spend an average of four hours a day working in their inboxes. Therefore, it can be said that many of our businesses in fact "run" on email.
However, even with the explosion of email in many industries, the healthcare sector lags far behind the rest of the world in using email to quickly and effectively communicate. Recent research suggests that the healthcare industry continues to rely on communication methods from the 18th century, and not the digital age. A recent National Health Interview Survey reported that only 5.5 percent of the 33,000 Americans surveyed said they use email to communicate with healthcare providers, up from just 4.6 percent in 2009. In fact, according to a study by Manhattan Research, physicians are more likely to use text messaging with patients (18 percent in 2012, up from 12 percent in 2010) than email.
Why is there such a hesitation from healthcare organizations and providers to use email to communicate? Risk management. The Health Insurance Portability and Accountability Act and Protected Health Information regulations are quite explicit about dictating the security requirements for sharing patient information.
HIPAA regulated communications generally fall into two categories. The first is easily identifiable communications based on relevant medical terms. The second is free-form communication that isn't always easy to predefine, but the sender of the email knows that the message should be sent securely to the recipient. Technologies exist that can help with content control that use predetermined libraries to automatically identify sensitive content and enforce encryption and secure delivery requirements. Effective solutions allow communication between partner organizations that both fall under the HIPAA umbrella and can be sent encrypted through simple policies set up by an IT administrator.
There's good news for healthcare providers looking to finally make the move to email: Securing email communication can be done in several ways. Emails can be encrypted during transmission between email servers which provides protection from interception, but issues can arise with the servers themselves. A higher level of security can be implemented by using message-level encryption to ensure the content is protected on the remote email server. But, this method is decreasing in popularity as client software is often needed to view a message, and various devices may not support the software. A better approach is some form of secure webmail delivery, in which the message isn't actually delivered to the remote server, but is instead stopped at the gateway. The recipient of the email gets a delivery notification with a link that is used to access the original email. Secure webmail delivery solutions typically require a password to access the email which adds another layer of security to message access, providing more peace of mind for worried physicians. Ideally, the solution will also track recipient access.
Additionally, many healthcare organizations today are still using traditional email services that unfortunately do not provide a robust, secure platform for communication between a patient and the healthcare provider. Basic email communications are unprotected during transmission and can sit unprotected on the remote email server. Nothing prevents a malicious insider with administrative rights from accessing sensitive data. As a result, healthcare providers are often hesitant in using email to connect with patients, which is often counterintuitive to providing quality customer service. However, fortunately for the future of the healthcare industry, some best in class providers have actively used available technologies to solve the email security problem efficiently.
Leading healthcare providers are actively searching for ways to improve not only the quality of care, but the quality of the healthcare experience. Fast and secure patient communication is a crucial tool to enhance the patient experience. Fortunately for healthcare providers looking to make the digital jump, there are a range of solutions available to make the most ubiquitous communication tool — email — an effective way of communicating with patients.
Mounil Patel is vice president of field enablement for Mimecast, a provider of cloud and mobile data archiving and security services for healthcare organizations. Patel and the Mimecast team help users develop HIPAA and meaningful use compliant communication platforms to eliminate security risks, reduce costs and increase privacy and productivity.