Medical School Keeps Data, Docs Safe With Secure Messaging




Ranked among the top 40 medical programs in the country, University of Alabama-Birmingham’s School of Medicine (SOM) is a leader in healthcare, instruction, and medical research.

The school is home to 800 students, more than 900 residents, and 1,400 full-time faculty across 26 academic specialties, and home to University Hospital, which is one of the largest academic hospitals in the U.S.

While its innovation and teaching on the medical front is aiding the country’s healthcare, there’s a lot of behind the scenes work necessary to progressing the school and hospital’s capabilities. As such, Department of Medicine (DOM) Chief Information Officer Nazmul Islam is charged with overseeing the day-to-day and long-range plans of the information technology department while working closely with Campus and Health System technology groups. When doing so inside a healthcare enterprise, compliance and regulations steer Islam’s decision-making in terms of deploying useful hardware and software to the physicians, faculty, and staff.

“Name a compliance and we’ve got it,” Islam told Enterprise Mobility Exchange. “From the start we’ve had to ensure (digital) communication between the caregiver and patient is secure.”

In fact, all forms of communication need security in UAB’s healthcare environment. The school, as a research facility, also has patented medical innovations that need to be heavily guarded, Islam said.

Over time, Islam and his team ushered in security for its desktop computers, then partnered with Health System IT to secure email systems and mobile devices, but said there was one piece of the puzzle missing. “Physicians were communicating via plain text,” he said. “That method isn’t viable with the increased oversight we’re dealing with.”

That’s where the focus on secure messaging came into play. Since UAB’s medical school and University Hospital operate in a flexible mobile environment – allowing Bring Your Own Device (BYOD) and Corporately Owned, Personally Enabled (COPE) – Islam knew he needed a service that would be OS agnostic, easy to deploy and scalable.

The Health System CIO then found a suitable product in Vocera’s secure messaging app and secured stakeholder buy-in. “Physicians are now using mobile devices to increase productivity and communicate with each other,” Islam said. “To stay compliant, all physicians on staff must now use the app to message each other.”

What’s been the return on that investment over the three years since the Health System went live with the secure messaging feature?

There have been no security incidents via mobile device in the three years since the secure messaging app was deployed.

With the rise of smishing – phishing’s text message cousin – new threats are being unleashed daily aimed at tricking mobile users that their inbox is free from harm, while in actuality the new form of malicious link sharing is quickly becoming enterprise mobility’s biggest threat. In healthcare, where the United States leads the world in data breaches and cost per stolen document – some $250 per record, compared to $3 for stolen credit card info – no device or communication format can be secure enough.

For the University of Alabama Birmingham’s medical department, however, members can go about treating patients and teaching healthcare without worry.

Photo courtesy University of Alabama-Birmingham School of Medicine.