Skip to the main content.
Talk to sales Start for free
Talk to sales Start for free

2 min read

Is Mosio a HIPAA compliant text messaging service?

Is Mosio a HIPAA compliant text messaging service?
Is Mosio a HIPAA Compliant Text Messaging Service? Paubox With over 96% of the US population owning some sort of mobile device , it is no surprise that text messaging is one of the most, if not the most, effective tools for digital communication out there.  As a result, many businesses have cropped up around bulk text messaging for communicating with potential clients and customers. In this article, we will determine whether or not Mosio is HIPAA compliant. 

Mosio features

Mosio offers appointment reminders via automated messages to keep medical trial participants in the loop while also allowing for flexible rescheduling. Its CSV uploader can deliver bulk appointment reminders that relieve administrative burdens.  Mosio also has data collection automation functions that help teams schedule surveys for research participants after they have taken a certain action. This workflow is delivered through Mosio’s REDcap EDC (Electronic Data Capture) software that allows data capture both online as well as offline. 


Mosio and healthcare

As a company that has such a heavy foothold in the clinical research space, one would believe that Mosio is heavily invested in the healthcare industry. This is one of its primary appeals to organizations looking for a text messaging solution for clinical research participants.  Mosio’s mPIN verification , a method of verification that allows research organizations to assign an alphanumeric, user-based PIN to participants, is one of the reasons why it is a popular tool. During a research trial, study participants must respond with their specific mPIN code before a message or series of questions can be sent.  This helps to maintain participant privacy since text messages are not encrypted. It also verifies the recipient’s identity before the message is sent.  In addition to its mPIN feature, Mosio hosts its platform on HIPAA compliant servers that follow HIPAA technical and administrative guidelines

Mosio and the business associate agreement

Although some companies are quick to market themselves as HIPAA compliant, sometimes they fail to state whether or not they will sign a BAA or business associate agreement . Signing a BAA is crucial to remaining compliant.  In its privacy policy , Mosio states: 
All data collected by the Mosio platform (PHI or non-PHI) receives the same safeguards for security, privacy and breach notification applied to our clients covered under HIPAA rules and stipulated by a client BAA.
This is echoed further down in the document:
If your organization requires a BAA, please email documents to hipaa((@)) and allow up to 7-10 business days for review and completion after the project/program agreements have been confirmed.
When asked to clarify this further, a representative noted that they “make the determination [to sign a BAA] based on the project type/size.”  Conclusion: Mosio can be HIPAA compliant with an executed BAA. 


Mosio and COVID-19 research

As a major supplier of clinical research tools, Mosio has been aiding public health agencies in their COVID-19 contact tracing efforts. This includes using REDcap to parse out confirmed cases from monitored groups within specific communities that are being tracked by research and clinical studies organizations. 


Enter the Paubox Email API

Another way to transmit information about  COVID-19 contact tracing and test results is with an email API that can deliver messages at scale.  At the moment, millions of COVID-19 test results need to be transmitted not only quickly but also in compliance with HIPAA standards. While smartphone applications and healthcare portals can be used to verify a patient’s identity, these solutions require additional steps that may decrease the open rate of messages that would encourage infected individuals to self-quarantine.  The Paubox Email API is a HITRUST CSF certified solution that can directly send test results to patients via HIPAA compliant email, no additional password or verification required. These email notifications can be automated to reduce the burden on contact tracers so they can focus on identifying and isolating new cases.   SEE ALSO: How the Paubox Email API Can Help Fight COVID-19 Using a frictionless email API solution could make all the difference when it comes to an organization’s ability to manage and track a population effectively and efficiently.  Learn more about why healthcare businesses choose the Paubox Email API here .
Try the Paubox Email API for FREE today.

Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.