Is SMSGlobal HIPAA Compliant
by Rikin Shah
Text messaging future patients is a great way of driving potential foot traffic into your practice. Short message service (SMS) marketing and communication data has shown that people spend close to four hours per day on their phones.
Let’s review SMSGlobal for HIPAA compliance.
What is SMSGlobal?
SMSGlobal is a platform that enables companies to deliver mass text messages to customers. The key features include bulk SMS, two-factor authentication, dedicated number, multiple plugins, and the WhatsApp API.
The platform includes a control center for SMS marketing where users can create, send, respond, promote, and report on messaging campaigns.
Is SMS Global HIPAA compliant?
From a SMSGlobal representative:
As we’ve seen lately, [opening up our capabilities to HIPAA compliant services], could lead to major fines.
Since text messaging from company to patient results in data in motion, any protected health information (PHI) within the text message is vulnerable to a potential hack.
The HIPAA Security Rule has policies and procedures to prevent PHI from being altered or destroyed due to data breaches. A data breach opens covered entities up to potential fines for a HIPAA violation from the HHS and OCR (Office of Civil Rights).
Because SMSGlobal could be held liable for these violations if a breach occurs on their platform, it will not sign a business associate agreement (BAA). A BAA is required to remain HIPAA compliant.
From another representative at SMSGlobal:
Unfortunately, we cannot sign a business associate agreement for HIPAA Compliance because we are not HIPAA Compliant.
Conclusion: SMSGlobal is not HIPAA compliant.
The case for email marketing
With all the stats around mobile phone marketing, it seems that it would be the superior choice when looking for digital marketing options for your practice.
This, however, is misleading. Some data has shown that the click-through-rate of an email marketing campaign is relatively higher than that of a text message-based digital campaign.
Some companies have seen an ROI increase after using an email-based approach as opposed to a text-based one.
When it comes to using digital marketing in the healthcare field, security should be top of mind.
Why you should partner with Paubox
Paubox Email Suite is a HIPAA compliant email solution that has achieved HITRUST CSF certification. This means that Paubox has met key regulatory and industry-defined requirements to manage risk and will sign a BAA with every customer.
With Paubox Email Suite, every email you send from your regular email platform (like Google Workspace or Microsoft 365) is encrypted by default. Emails arrive directly to your recipient’s inbox; no password or portal required.
Paubox also offers a HIPAA compliant email marketing solution that allows you to send personalized email marketing to grow your business and increase patient engagement at the same time. A control center also allows you to track your marketing campaigns as they run for full-funnel functionality.
Additionally, Paubox Email Suite comes with two-factor authentication for an additional layer of security.
Paubox can help you do a fantastic job of engaging your target audience without breaking the rules and incurring fines along the way. The security functionalities built into our solutions make them ideal for healthcare businesses that need to send data securely and confidently.