The pMD Blog

Welcome to the
pMD Blog...

where we cover interesting and relevant news, insights, events, and more related to the health care industry and pMD. Most importantly, this blog is a fun, engaging way to learn about developments in an ever-changing field that is heavily influenced by technology.

POSTS BY TAG | Secure Messaging


We’re extremely excited about our upcoming release of attachment support for pMD, HIPAA compliant, secure text messaging. This feature will allow pMD users to send one another highly sensitive data, such as photos of patient charts, copies of lab results, pdf documents, and much more. As a member of the development team at pMD, the task of determining how to store all these files securely and efficiently presented a unique challenge.

pMD provides mobile software that improves patient care through charge capture, care coordination services, HIE implementation, and secure messaging. Due to the sensitive nature of the information providers exchange, it is essential that their data be stored within the secure confines of our data centers, not with a third-party service. So, we needed to find a top-notch storage system, capable of housing millions of files, that we could install on dedicated servers that we manage ourselves.

After several weeks of detailed research and testing, we established a clear winner. This system met and exceeded all of our requirements. It’s name is Swift, and it’s part of the OpenStack suite of cloud software. OpenStack products are specifically built for companies like pMD who want to deploy powerful, yet easy to use tools in their private clouds.

In our search for the right storage solution, we formulated a list of five major requirements that any contender must meet. Here is how Swift addresses each of these items:

Highly available / replicated. First and foremost, we required a system that would be tolerant of hardware failures. Swift makes several copies of every file it stores so that if a hard drive, or a server, or even an entire data center has a problem, we are guaranteed to have other copies of the data still available. Once the specific failure is repaired, Swift is smart enough to catch the server(s) back up with whatever they missed while offline.

Distributed. We needed the system we picked to make every file available to every machine on our internal network. In other words, we couldn’t just plug an external hard drive into one of our web servers, like you might do at home if you needed extra room for your photos and videos. Swift runs on dedicated servers in our data center. It provides something that we call an Application Programming Interface (API) in the software world, which is a simple interface that our other systems can use to talk to Swift whenever they need to save or retrieve files.

Scalable. It was very important to us to find a solution that could grow with the demands of our customer base. Swift is incredibly flexible. Whenever we want to increase our storage capacity, we can just pop some new hard drives into our existing servers or add a brand new server, tell Swift about the new components, and Swift immediately starts utilizing the additional space they provide.

Secure. Our users are health care professionals and they rely on pMD to help them securely manage sensitive, patient data. Because of this, the system we chose to store their message attachments had to support HIPAA compliant, modern, best-in-class encryption. Swift offers several sophisticated levels of security that allow us to encrypt and protect all the files it houses.

Easy to operate. Finally, as developers responsible for maintaining pMD’s infrastructure, we wanted a well-built system that we could install and rely on. We didn’t want a solution that would require a large amount of daily maintenance. As you can see, Swift is a sophisticated system. However, it’s also incredibly self-sufficient. Once it’s installed, it requires very little input from us to keep it running like a well-oiled machine.

We’ve been running Swift on a number of shiny new servers in our data centers for about a month now as we prepare our attachments feature for release. It’s been incredibly fun to work with, and it has blown us away with its power and performance. We can’t wait to give attachments to our users so that they too can experience the power of Swift!

Physicians have been texting each other about patient care since the invention of the BlackBerry, if not before. Texting is the perfect medium for direct provider-to-provider communication, which is critical in the hospital environment where the sickest patients need round-the-clock care by a diverse team of specialists. Since the HIPAA Omnibus changes came into effect in late 2013, medical practices have scrambled to secure their texting so that they could continue to communicate it real time while complying with the law.

Replacing SMS text messages is not without its challenges. Traditional texting is very reliable. All you need to receive an SMS text message is the barest, most minimal cellular signal - "1x," let's say, or "EDGE."

Pagers, still a staple of the medical industry, are even more reliable. They use a different wavelength that can penetrate buildings and landscapes with ease. In an industry where getting a message means the difference between a patient getting care or not getting care, it's no wonder that the pager is beloved by so many physicians. The message always arrives.

Compared to these increasingly old-school methods, secure text messaging apps offer many benefits, such as a global address book for the practice and protection of any HIPAA-sensitive patient information. But to gain all-important physician adoption, the app needs to overcome the challenges of the hospital environment where it’s hard to find a strong and reliable data signal.

For example, a pediatric hospitalist walks into the Pediatric ICU to see some patients. This room is deep within a hospital sub-basement, and she doesn’t have any data service there - just the barest sliver of phone reception. A basic secure texting app uses its own push notifications to notify users that there’s new information, but she won’t receive that app notification until hours later when she’s done seeing patients. By that time it may be too late for her to act on it, and she may have made some medical decisions without having the most up-to-date information.

A more advanced secure text messaging app also offers fallback options if a device can't be reached in a timely fashion. Knowing that the hospitalist may not have data service if they haven’t read the message after a period of time, the advanced app can try other ways to notify her that she has a message waiting, such as sending a regular SMS text message - or even a voice call - reminder without any sensitive data. These often get through even when app push notifications don't. At this point, the hospitalist can return to a place where she has data coverage, or can find a computer on which to read the message.

The best secure text messaging apps embrace the unpredictability and constraints of the chaotic hospital environment. This is why pMD took into account the frustrating cell reception in health care facilities when we designed our HIPAA secure text messaging and mobile charge capture software. This is such a key usability factor that we engineered an entire system of notifications and reminders to make sure that providers would know they have a message waiting in pMD, even if they are outside of data service. An app is more than an app when it has a system backing it that makes sure the message gets delivered - it becomes a reliable tool to save lives. This provides the peace of mind that makes doctors happy.

Smartphone technology has evolved to include so many far-reaching capabilities that these compact devices are incredibly powerful. Just look at how smartphones have perforated and changed the health care industry, becoming a valuable aid for doctors. Unfortunately, the responsibility that is so important when using smartphones, particularly in health care, is not a universal practice.

Take, for example, a doctor in Seattle who is being accused of partaking in some unscrupulous and bizarre activity using his smartphone. This anesthesiologist is said to be responsible for sexting during surgeries and taking explicit selfies at the hospital - at one point sending 45 dirty messages during a single operation. His medical license has been suspended due to “lack of focus.” Apart from these sexual perversions being offensive and disturbing, there are some larger problems with his messages at play here. Why was this doctor not using a secure messaging system? What if he had sent one of his messages to the wrong number? A traumatic experience, indeed.

This goes to show how important it is to use a secure text messaging system. And not because you can then send selfies to your colleagues with abandon. A secure text messaging system allows you to have a reliable and accessible list of contacts in your network and send information safely and quickly. Our latest release coincidentally elaborates on secure text messaging for health care professionals that improves communication within the medical community.

View Press Release

Many health care organizations have already deployed secure email software but don't realize that their providers are still sending sensitive patient information to each other via SMS text messages. Text messaging is king, especially in the hospital setting where highly mobile physicians need fast answers about the sickest patients and aren't always in front of a computer.

But secure text messaging solutions aren't all the same. SMS text messaging is very easy to use and everyone already has it installed on their phone, so if you expect a secure replacement to get widespread adoption, the secure texting software actually has to be better than SMS in some way. In this series, I will share some areas of opportunity that we've discovered at pMD while helping our customers deploy our secure text messaging software. If you're in the market for something like this, I hope you find this series informative and that it inspires you to seek the best solution on the market for your needs!

This scenario may sound familiar: you send someone an SMS text message about something important and you're waiting to hear back. Some time later, you realize that you haven't heard back. Maybe the recipient didn't get your message. You decide to open up your text messaging app, but it doesn't say one way or the other. You start to wonder if you should send another text message, or maybe even call the other person. Then something distracts you and you lose the thread. It could be a while before you think to check again, and your phone won't bring the unread message to your attention. The recipient might not have received your message, or might not have noticed when it arrived; either way, the thread of communication stopped there.

Most secure text messaging software on the market actually makes this problem more severe. Unlike SMS text messages, you need a data signal (WiFi or cellular data) in order to get notified about a secure text message that was sent to you. Most hospitals are riddled with dead zones where you can't find out right away that a secure text message was sent to you because there isn't enough data signal for push notifications to reach you. This is dangerous in the hospital setting where providers are sending time-sensitive clinical information and they expect it to work like SMS.

To solve this problem, seek a solution that will automatically follow up on your behalf. Replaying the scenario described above, if the recipient hasn't received or hasn't read your message after a period of time, the software should automatically follow up with an SMS text message reminding them that they have a secure text message from you. Even if they don't have a data signal, they can get this text message reminder - you don't have to remember to text them to see if they got your first message because the system does it for you.

Ideally the software should follow up again, this time with an automated voice call, if the recipient still hasn't read your message in pMD after even more time has passed. Though more intrusive than an SMS, the voice call is appropriate for time-sensitive messages like a stat consult - in other words, situations where you yourself would call the recipient if you didn't get a quick reply... if you remembered to. Automation makes this consistent and saves you the trouble.

If the recipient got distracted or was unreachable and never read your message, at a certain point you want to know that. Most secure and non-secure messaging systems require you to actively keep checking the status of the message to see if it was read. You should look for a system that instead closes the loop by actively letting you know that the recipient hasn't read it yet after more time elapsed. This way you don't have to check the status of the message and you can't forget to check it.

Putting all these reminders together, you should seek a secure text messaging solution that acts like a concierge or assistant for your communication. It should follow up for you, using different types of reminders that don't rely on data and that become increasingly hard to ignore. Finally, if your message still wasn't read, the system should let you know so you can try to reach the person a different way, or find someone else to contact. That way if your message wasn't read, you'll be the first to know.

These follow up actions shouldn't be needed most of the time, but when they kick in, you’ll be relieved to know that your message isn't just sitting out there in limbo. Hospital-based physicians can find great peace of mind in knowing that their messages are not only secure, but also persistent.
We released our secure text messaging product last week and our secure messaging video is finally complete! In this video we exemplify the importance of secure messaging and the consequences associated with underestimating its relevance.

It has been a few months since the pMD team and Belljar first started brainstorming ideas for the video. We had many long discussions as to what we wanted it to look like, what we wanted it to sound like, and even what we wanted it to feel like. There was a lot of blood, sweat, and tears that went into this messaging video, but good tears, not bad ones.

Throughout our creation process, there were plenty of ideas that led to hours of meetings and edits. At one point in our process, we had a lengthy conversation about our character, Dr. Fast Thumbs’, interaction with his patient.

There were R-rated variations of the interaction showing the patient in a vulnerable position that made any woman and most men who saw it cringe. We decided that we needed to tone it a down and were presented with a new version. But with the new G-rated version, we barely saw the patient, and there wasn’t much context as to the “sensitive patient information” that was being shared by Dr. Fast Thumbs. After another discussion, we finalized the scene somewhere between a PG and PG-13 rating, showing the patient head on, but above the patient's knees.

Whether it was the style of background music or the actions of our characters, we broke down each others’ ideas and created a cohesive and comprehensive story that explains what secure messaging means for health care practices. Not everyone may understand the significance of secure messaging, but to people in the medical field, they either know how serious it is, or they will after watching our segment. By sending unencrypted messages, you open yourself up to the possibilities of fines, lawsuits, and even jail time.

We hope that our secure text messaging video helps the medical world understand why encryption and HIPAA compliance is important. Without further ado, enjoy the video!


We’re all excited to move past this frigid, never-ending winter and greet the warmer weather of spring. For me, this season means doing some spring cleaning, and this past weekend, my wife and I spent time on the yard that we have neglected over the past several months. I tend to procrastinate doing the initial work, but I always enjoy seeing the positive transformation of what the yard looks like after our cleaning.

Likewise, it's a also good time to do some spring cleaning around your practice, hospital, or organization. Every year it seems to be the same story: find additional ways to improve revenue and cut costs. In my last post, I discussed questions that you should be asking when evaluating new technology and charge capture software for your organization. Below, I've outlined three areas for your spring cleaning checklist:

1. What is Your Charge Lag for Hospital Billing? The length of time from the date of service to when your billers submit claims can often be days and even months, and some hospital charges may not make it to the office at all. This is an area that proves to be challenging because physicians are extremely busy and moving from one location to the next while being asked to keep up with pieces of paper, index cards, or excel spreadsheets that are the lifeline of the practice's revenue. Reducing your charge lag can be the difference of getting paid faster and earning interest on your revenue. And with some payer deadlines, it can be the difference of getting paid at all.

2. What is Your ICD-10 Plan and Strategy? We all received some extra breathing room on this massive change in health care due to the recent legislation that delayed the implementation of ICD-10 until 2015. However, the well-run organizations and practices that I've spoken with are planning on using the extra time to successfully implement their plans, educate physicians and staff, and move forward with leveraging the extra time to practice their ICD-10 roll-out. This strategy has allowed them to not be caught off guard and rushed, which was a recurring theme with many of the practices I spoke with earlier this year.

3. Are your Physicians and Staff Really HIPAA Compliant? I would conservatively say that eight out of 10 practices and organizations that I speak with recognize that their physicians and staff are sending SMS / text messages that include a form of PHI that could result in a HIPAA compliance violation. Many look the other way or laugh this off stating they cannot get their physicians to stop; however, it's scary to think about what information may be sent through non-secure channels when I think about myself as the patient. The reality to every physician owner, CFO, and compliance officer is that you could be fined up to $50,000 for one HIPAA violation. There is certainly nothing funny about that. Implementing secure, easy-to-use software can assist in eliminating HIPAA violations and instances of non-compliance.

As you study these three areas of your practice, you should be able to uncover opportunities that can have an immediate positive impact and that will put you in a strong position heading into 2015.

In my next post, I'll be sharing ideas of how charge capture can be part of your strategy to improve charge lag, ICD-10 planning, and HIPAA compliance.

Actor John Getz.

Narration can make or break a video. There are many narrative voices to choose from, but it's a matter of finding the perfect one to fit your videos' theme and tone. With our secure messaging video script in hand, we set out to find the perfect voice. We asked ourselves a few questions: Did we want the voice of God? Did we want it cutesy and fun? Did we want it playful and magnificent? No, none of the above seemed to fit - we needed something else.


With the help of Belljar, we found our inspiration in classic, 1950s, instructional videos. The tone of the narrator is friendly, and the videos teach a lesson to the viewer, much like we are doing in our secure messaging video. Now that we had our tone, we needed to find the talent. Fortunately, we had the perfect person in mind.

Introducing, actor John Getz. Belljar used his talent in our pMD charge capture welcome video and we felt that he would remain the perfect candidate for our new secure messaging video. Our team at Belljar sat down with John in a Los Angeles sound studio, ready to capture the narration. On the pMD side, we got patched in via phone to our San Francisco office and had the opportunity to listen to the live recording. It was possibly one of the most fun events I have taken part in. There were constant jokes and anecdotes being thrown around the studio, and getting to hear John read our script and make it come to life was unbelievable; we are grateful to have had the opportunity to work with John, he is a truly amazing talent.

Included below is the final voice-over of the secure messaging video. Close your eyes and give a listen, you'll be glad you did.

One of the best parts about making a video is letting your creativity roam free. We worked with our amazing partners at Belljar to come up with the perfect script and accompanying graphics for our video.

If you have read our previous posts, you already know about secure messaging and why it’s important, so let me tell you about our story. Our video starts with a closeup of Dr. Mustachio. He’s working with a patient, performing an exam, and sending a message to a colleague using pMD Messaging. Shortly after, we cut to Dr. Fast Thumbs. Dr. Fast Thumbs is a physician, just like Dr. Mustachio, except he doesn’t use pMD Messaging. Instead, he uses unencrypted text messaging, and doesn’t realize the consequences associated with it.

Dr. Fast Thumb’s message gets intercepted, leaving his patient’s information in the wrong hands. HIPAA does not approve of his carelessness and he is forced to pay hefty fines and even serve up to 10 years in prison.

I want to highlight a few moments in creating our boards and script in order to give you a glimpse into our creative process. When we started thinking about how our video would work, our friends at Belljar mocked-up a few slides in order to get the look and feel just right. The slides are hand drawn in order to quickly and efficiently get an idea of how we were going to visually tell our story. I have included a few slides and pieces of the script below:


“Dr. Mustachio uses pMD Messaging to send and receive sensitive patient information in real time.”


“This is Dr. Fast Thumbs’ patient. She has a highly personal health matter she would prefer to keep private.”


“Unencrypted texts can have major consequences, Dr. Fast Thumbs.”

I hope you enjoyed this glimpse into our secure messaging video. In next week’s post, we’ll let you have a listen to our script, read by myself and Adam Kenney.
doctor-fastthumbs-thinking-whats-in-a-name

How is it that we name things? Whether it be a new product or even a child, what goes into the process of naming it? When we started thinking about our new messaging application at pMD, we went through a rigorous naming expedition, constantly brainstorming, coming up with the most crazy as well as some of the most simple ideas. Our names ranged from Soteria, the Roman goddess of safety, all the way to Bleep. In total, we came up with over 120+ names, some of them thoughtful and ambitious, others droopy and just a little too spontaneous.

I picked out some of my favorites for your reading pleasure:

- Bleep
- Can't Text This
- Odin
- Howdy
- SuperTube
- Safety Pigeon
- Soteria
- Lock & Key
- Bona Note
- Bleat
- Cryptext
- Flow
- Happy Text
- Avocado

At the end of the day, we knew we wanted to keep the name simple, precise, and to the point. Unfortunately, none of the above names seemed to fit those criteria, but that didn't mean we'd stop trying.

At pMD, our users consist of mostly doctors. Interestingly, that doesn't mean that the people shopping around for pMD are always doctors, they could be practice administrators, staff, and sometimes even family. We wanted to make sure that our name meant something to anyone who came across it and that also lent itself to our brand and already popular pMD charge capture application. So, we kept it simple and precise, naming our secure messaging application, pMD Messaging. In doing so, we kept the pMD brand, the name recognition and understandability, and our sanity for another day until the likes of Safety Pigeon take over.
As a patient, you should be able to assume that your private health information is safe and guarded from the outside world. Unfortunately, this may not be the case. Unknowingly, many physicians are using unsecured, unencrypted methods of messaging that leave your personal matters a little less private. These methods include, but are not limited to, text messaging, and even email.

As Jen mentioned in our last post, apart from your data floating around, your doctor could be fined thousands, or even millions of dollars for sending unsecured information! Imagine you are at the hospital with a broken arm. You have just sat down to look at your x-ray and your doctor decides that he wants to send it to your primary care physician. So, the doctor takes out his phone, takes a picture of the x-ray, and sends it over. That could cost your doctor upwards of $50,000 for one text! There has to be a better way to do this, and there is.

At pMD, we have found a way to solve this problem. We have created pMD Messaging, a secure, encrypted, HIPAA compliant messaging platform that physicians and patients can rely on. Other than its ease of use, one of the many features that makes our secure messaging so special is its integration into our charge capture solution (learn more). Having messaging directly incorporated into the software limits the amount of app switching and allows for quick access to patient records. Instead of two separate applications, you can find the patient and compose your message in the same instance. This is especially important for specialists whose time is very precious when it comes to patients. Specialists need to send and receive information about their patients very quickly, making an app that incorporates both messaging and charge capture the perfect match. Better yet, you can message physicians outside of your practice too!

To explain the importance of secure messaging, we are in the process of creating a video featuring our very own Doctor Mustachio and a new character named Doctor Fast Thumbs. In making this video, we are looking to show a serious situation with a humorous tone. Engaging an audience can be a very difficult task, especially with a topic that can be bland and boring. Over the next few weeks, we'll be posting updates on our progress and giving you a glimpse into the world of animated, video creation, and what it means to use secure messaging.