Pagers: Only in Healthcare

21613130185_54085fac1e_mHealthcare is often subject to many jokes about the utilization of outdated technology. The old-fashioned pager, or a beeper, is the hallmark example that is most often cited. Now, not only are pagers found to only be used by healthcare (and maybe drug dealers), but pagers may also pose a significant security risk.

How does a pager work? Pagers typically work by transmitting messages by a radio signal. Essentially, the pager is a personal radio receiver that ensures the intended recipient will actually see and receive the message. Additionally, each pager can receive any message sent to any pager. However, only messages that contain a special code will be picked up by a specific pager. As the brief description demonstrates, a pager works by radio signal only. Radio signals are not a means of communication that can be easily secured, if it all.

Given that transmissions to pagers are not encrypted, intercepting pages can be relatively easy. An analysis by Trend Micro found that something as simple as a $20 dongle and some understanding of software-defined radio can enable interception of the radio signals. If the signal is intercepted, then the message can be viewed and a breach likely to occur.

What does all of this mean for healthcare? It means that there may finally be a hook, beyond outdated technology, to abandon the pager. If transmissions cannot be encrypted and it is easy to break in, then there is a significant risk posed under HIPAA. While encryption is an addressable element, it does not mean that i can be wholly ignored. Instead, it means that entities need to consider options. If there is a known risk that cannot be eliminated, then is that tool something that should be utilized in healthcare given HIPAA requirements? The answer

If there is a known risk that cannot be eliminated, then is that tool something that should be utilized in healthcare given HIPAA requirements? The answer to that question arguably becomes even easier when the number of alternatives that exist are considered. In the age of smartphones where information can be encrypted quite easily, where does a pager fit in? Maybe nowhere.

The issue all comes back to healthcare needing to become comfortable with newer forms of technology. Such technology appears and is used quite regularly in other industries. Such technology can increase efficiency and enable everyday solutions to come into healthcare. Developments in this vein can appease many concerns and desires and result in an overall better environment. If demands continue to be made and risks continue to be found, change will occur.

Advertisements

About Matt Fisher

Matt is the chair of Mirick O'Connell's Health Law Group and a partner in the firm's Business Group. Matt focuses his practice on health law and all areas of corporate transactions. Matt's health law practice includes advising clients with regulatory, fraud, abuse, and compliance issues. With regard to regulatory matters, Matt advises clients to ensure that contracts, agreements and other business arrangements meet both federal and state statutory and regulatory requirements. Matt's regulatory advice focuses on complying with requirements of the Stark Law, Anti-Kickback Statute, fraud and abuse regulations, licensing requirements and HIPAA. Matt also advises clients on compliance policies to develop appropriate monitoring and oversight of operations.
This entry was posted in Health IT, Healthcare, HIPAA and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s