Evaluation of Secure Messaging Applications for a Health Care System: A Case Study

Abstract

Objective The use of text messaging in clinical care has become ubiquitous. Due to security and privacy concerns, many hospital systems are evaluating secure text messaging applications. This paper highlights our evaluation process, and offers an overview of secure messaging functionalities, as well as a framework for how to evaluate such applications. Methods Application functionalities were gathered through literature review, Web sites, speaking with representatives, demonstrations, and use cases. Based on similar levels of functionalities, vendors were grouped into three tiers. Essential and secondary functionalities for our health system were defined to help narrow our vendor choices. Results We stratified 19 secure messaging vendors into three tiers: basic secure communication, secure communication within an existing clinical application, and dedicated communication and collaboration systems. Our essential requirements revolved around functionalities to enhance security and communication, while advanced functionalities were mostly considered secondary. We then narrowed our list of 19 vendors to four, then created clinical use cases to rank the final vendors. Discussion When evaluating a secure messaging application, numerous factors must be considered in parallel. These include: what clinical processes to improve, archiving text messages, mobile device management, bring your own device policy, and Wi-Fi architecture. Conclusion Secure messaging applications provide a Health Insurance Portability and Accountability Act (HIPAA) compliant communication platform, and also include functionality to improve clinical collaboration and workflow. We hope that our evaluation framework can be used by other health systems to find a secure messaging application that meets their needs.