TOP 10 QUESTIONS TO ASK BEFORE SELECTING A SECURE MESSAGING SOLUTION SIMPLIFYING & SECURING ENTERPRISE MESSAGING Table of Contents Introduction . 3 Does the solution ensure HIPAA compliance? . 4 Does the solution integrate with existing applications? . 7 Is it an extensible secure texting platform? . 9 Is the secure texting application intuitive? . 11 Does the solution support admin control? . .14 Does the solution secure confidential information? . .16 Does the solution replace outdated or unreliable communication tools? . .19 Does the solution foster workflow collaboration or a collaborative environment? . .21 Does the vendor leave you in good hands? . 26 Does the solution have proven success? . 28 Conclusion . .31 Introduction Evaluating secure text messaging compiled the Top 10 Questions functional requirements, but solutions can be a time-consuming to Ask Before Selecting a Secure also fits their use case. Learn all and confusing process for health- Text Messaging Solution, allowing key aspects of a solution includ- care organizations, especially with you to simplify the selection ing technical requirements, key restrictive compliance regulations process and more easily identify functionality concerns, and how in place. Once you have realized what you need from your secure to determine a vendor’s proven the need for a secure texting texting vendor. success record with case studies solution, the research, evaluation and testimonials. and selection process could be Healthcare organizations can long and unorganized without the easily discover the top concerns necessary tools or understanding when evaluating secure texting of what your ideal solution would solutions and ensure the solution be. That is why TigerText has they select not only meets all 4. Does the solution ensure HIPAA compliance? When selecting a secure text messaging solution, it TigerText Infrastructure is important to evaluate the technical aspects of the solution to ensure the solution is properly secure and HIPAA compliant. Due to the intrinsic security weaknesses of standard SECURE SECURE text messaging, HIPAA HTTPS/XMPP HTTPS/XMPP CONNECTION CONNECTION regulations require that any TIGERTEXT developed solution satisfies all necessary technical requirements to guarantee security and confidentiality of all data sent or received NETWORK PROVIDER NETWORK PROVIDER within the application. AT&T / VERIZON / SPRINT T-MOBILE / WIFI To ensure that the solution you select is HIPAA compliant, make sure that ENCRYPTION IN TRANSIT AND AT REST the technical safeguards meet these 4 key areas: HIGH AVAILABILITY Secure Data Centers, SCALABILITY Encryption, Recipient Authentication and Audit Controls. Does the solution ensure HIPAA compliance? 5. Secure Data Centers in-transit. In addition, vendors of data sent and received, unauthorized recipients. When A qualified secure texting can employ an advanced secure texting applications selecting a solution, work with vendor will guarantee HIPAA encryption technology such should confirm delivery to the the vendor to understand how compliance of their data as Advance Encryption correct recipient and have this process would work and through a Tier IV data center, Standard (AES). additional protocols to certify what reporting is available to where all data is physically security if data should fall into make sure it is HIPAA compli- secured with safeguards such In addition to comprehensive the wrong inbox or should the ant and meets all regulation as biometric measures, electric encryption, secure texting message be misdirected requirements as PHI is sent and power storage and cooling solutions can ensure from the intended received through their platform. systems. A vendors data center proper access and recipient. These must also be SAS-70 Type II security of data include fea- HIPAA Guarantee certified, ensuring that they through the tures such Some secure texting vendors adhere to information security way mess- as mes- will further their security by best practices. ages are sage promissing compliance through stored or recall or a HIPAA guarantee, giving cus- Message Encryption accessed remote tomers confidence that their To avoid compromising data through the wipe of data will remain secure and sent or received within a mobile device. data within confidential at all times. vendor’s solution, a secure Instead of a user’s inbox texting vendor must ensure storing on the or individual that all confidential information mobile device, pro- conversations. will be secure in-transit and at viders could allow secure rest within the solution. The access to the system, ensuring Audit Controls most common way to do this is that lost or stolen devices do Once a solution is implement- using the Security Sockets not lead to unauthorized ed, it’s important for your Layer (SSL) protocol, which is a access of confidential data. organization to have the ability standard security method to watch audit logs of staff widely used for the encryption Recipient Authentication usage and ensure that no data of personal information Along with ensuring security is compromised or accessed by Does the solution ensure HIPAA compliance? 6. Does the solution integrate with existing applications? even easier with easy access to understand how your to the information from within secure texting vendor can help A secure texting solution may offer either the secure texting you keep communication safe easy-to-use features and meet HIPAA solution or your on-call schedul- and even easily accessible with regulations, but to further accelerate ing portal. Selecting a vendor integrations to your existing workflows and create an efficient with this integration available technology stack; including communication process, platforms allows you to instantly sync your EHR. With the ability to should be capable of integrating with updates to your on-call sync all communications with schedule, search for schedule your EHR, healthcare org- 3rd party solutions such as answering specifics based on keywords, or anizations are given the ability service providers, scheduling software, access full details to foster to foster reliable and efficient and EHRs. immediate conver- sations communications. Selecting a instead of tracking fellow secure texting vendor with this physicians down with ability allows you to accelerate Answer Service Providers updates on incoming calls, a phone call or email. processes such as: approvals, With integration to your voicemails and patient updates. protocol approvals and answering service, secure This allows providers to EHR answering schedules. texting vendors can help you accelerate patient diagnosis, With both HIPAA Regulations create a more efficient process improving patient care within and Stage 2 Meaningful Use in from the moment a call comes your organization. full swing, it’s important in for an attending physician. When selecting a secure texting Scheduling Software solution, look for use cases or With the ability to access your case studies from customers on-call scheduling tool within a TIGERTEXT that have successfully done a secure texting solution, vendors similar integration while paying give you the ability to instantly attention to improvement rates. collaborate and accelerate Answering service integration patient concerns to the right CORPORATE EHR allows providers to instantly provider. This integration DIRECTORY SYNC connect and receive regular makes care coordination ANSWERING SERVICE Does the solution integrate with existing applications? 8. Is it an extensible secure texting platform? For many organizations, the extensibility of their secure messaging solution to other applications can be a key consideration when selecting a vendor. While a high-quality secure text messaging application will solve the direct communication workflow issues in a healthcare organization, if the platform is not extensible, it will not provide the opportunity for future integrations with other applications. A simple way to identify vendors with extensible platforms is to ascertain whether they provide an open API class to allow integration with their messaging platform. Vendors that have incorporated this capability will have API documentation that they should be readily able to provide. TIGERTEXT Create a Send secure SMS, End users receive customized or automated email or message to a secure encrypted message anyone via TigerText message Is it an extensible secure texting platform? 10. Is the secure texting application intuitive? Although you may just need a set-up their own profile and solution to check the box and begin messaging. These are ensure HIPAA compliance, it’s both key factors to consider important to feel that once when researching vendors. purchased, it will be easy for Search for a solution that users to sign up and use. As allows users to create individual you research various vendors, profiles or allows organizations one must understand the inter- to sync their corporate directory face and know that it will be with the application, giving all both familiar and intuitive for users the ability to instantly your staff. With the right solu- connect with anyone in the tion in place, it will be easier for organization and search for you to promote adoption and users by phone number or integration of secure texting email. An easy implementation among your staff members allows your organization to and within existing workflows. instantly onboard users, increasing the likelihood of Easy Set-Up adoption and integration into When selecting a secure texting your existing