SMS stands for Short Message Systems and each message has a maximum length of up to 160 English or text characters.

1. Secure Sms
Saturday, September 27, 2014
Tusted Secure SMS
Author: Julia Woods
How to Secure SMS for HIPAA
SMS stands for Short Message Systems and each message has a maximum length of up to 160 English or
text characters. It is the easiest, convenient and widely used means for people to communicate via mobile
devices or computers connected to a phone network. Almost everyone is familiar with the small text
messages that can be sent to each other. However the healthcare and medical industry does not fully
support SMS as their means of communication. Doctors can benefit greatly with secure SMS technology
only if the system itself is HIPAA compliant, and this is not the case. Typical texting service on mobile
phones doesn’t comply with this security protocol at all.
Secure SMS
Though SMS can also be used to communicate different kinds of information to their customers or patients,
like voice mail alerts, reminders, and medical information, the way texting is transmitted and stored is does
not have any means of protecting medical and patient information. This has been the problem for several
years now and some medical answering service companies are constantly creating and improving their own
SMS technology. Among the major concerns on HIPAA for SMS is on message encryption, access and
storage, and security on transmission of text messages. Apart from that, HIPAA compliant secureSMS
systems should be compatible with existing SMS services that patients use. If we were to develop a new
technology, it should be able to retain the security features even when are sent to other networks and into
the patient’s phone.
Goals for Secured SMS Systems
There are no security mechanisms defined in the SMS. The exchanged content is sent in clear text and may
be intercepted or impersonalized if sent over an open medium such as Internet. Setting up a secures SMS
system can be done in ways listed below.
1. To secure the communication line in which the content is sent. This can be done by some
leased line solution. This is often a fairly expensive solution and not always possible to implement. Most
mobile companies don’t bother with HIPAA protocols because their data systems and servers were not
originally designed to cater the healthcare industry. Changing their security protocols and layers to secure
SMS will be very expensive for them.
2. A better way to solve confidentiality and authenticity . Most data centers for websites and
gateways use Secure Socket Layer or SSL. It’s commonly used in e­commerce
and company sites, and
provides a secure connection between peers, by using encryption and authentication certificates. However,
to have HIPAA compliant SMS, one must develop a way to authenticate both recipient and sender of any
ePHI sent on the message. There are a lot of possible ways to adapt the secure transport layers into the
application, some open source libraries and, of course, infinite number of commercial ones. In practice, the
secure connection should first be established and then authenticated.
3. New technology or systems to secure SMS. Because typical mobile providers deem it’s too
expensive for them to update all their data centers, systems and implement encryption on SMS, the best
Charles Wilson
Follow 0
View my complete profile
About Me
Blog Archive
▼ 2014 (5)
▼ September (4)
Tusted Secure SMS
Secure Text Messaging for Healthcare
Needs
Reliable Medical Answering Service
Hipaa Compliance Regarding Patients
Security
► August (1)
1 More Next Blog» Create Blog Sign In
Generated with www.html-to-pdf.net Page 1 / 2

2. ePHI sent on the message. There are a lot of possible ways to adapt the secure transport layers into the
application, some open source libraries and, of course, infinite number of commercial ones. In practice, the
secure connection should first be established and then authenticated.
3. New technology or systems to secure SMS. Because typical mobile providers deem it’s too
expensive for them to update all their data centers, systems and implement encryption on SMS, the best
answer then is to come up with a private network for the healthcare industry, one that complies with the
security needs as dictated by HIPAA
Original Source: http://www.patientcalls.com/privatenote.htm
Labels: hospice answering service, medical answering service
Home Older Post
Posted by Charles Wilson at 12:34 AM
No comments:
Post a Comment
Subscribe to: Post Comments (Atom)
+1 Recommend this on Google
Enter your comment...
Comment as: Google Account
PPuubblliisshh PPrreevviieew
Watermark template. Template images by Colonel. Powered by Blogger.
Generated with www.html-to-pdf.net Page 2 / 2