HIPAA compliant encryption for text messaging is a security measure to guard against unauthorized access to ePHI transmitted over a communication network. Its purpose is to make any sensitive patient data that is compromised while in transit unusable, unreadable and indecipherable to any third party who accesses it.
Due of the sensitivity of ePHI, the level of encryption required by HIPAA is a requirement for all communication of patient information. Many healthcare organizations face this challenge as many healthcare professionals use personal mobile devices to communicate ePHI each would need the ability to access sensitive data on their mobile devices in an encrypted and compliant manner.
This is not an easy task with healthcare professionals utilizing multiple operating systems and devices. Other security issues would exist when ePHI communications are transmitted across open cell phone networks (where copies remain on service providers´ routers), or if a mobile device is lost or stolen – for although the data is also encrypted at rest, the possibility exists that at some time in the future a decryption key might be found to access it.