At Practice Unite, we are often invited to participate in secure messaging RFP’s. As concerns over HIPAA compliance increases and the risk posed by unsecured texting becomes a bigger concern for healthcare systems, there is an increased level of interest in secure texting enabled mobile apps as a way to provide clinicians with an encrypted messaging solution.

Some organizations are taking the issue seriously enough to undergo a thorough RFP process. If you are undertaking a similar process we thought you might useful our compilation of the best questions we have seen in RFPs for secure texting solutions.

Our compilation of secure messaging RFP questions cover the following areas:

• HIPAA Compliance – e.g. “Describe your HIPAA security procedures”
• Passwords and login Management e.g “Can Logins be disabled without being deleted?”
• Administration and Portal Information e.g. “Only administrative users have the ability to create new accounts”
• Messaging Features, e.g. “How long does a message stay on user’s device?”
• Messaging Back-up, e.g. How are messages archived?”
• Technical Specifications, e.g “Are on-site servers required or is there a cloud-based or hosted product?”
• Integration Options, e.g “Does product support EMR integration?”
• Auditing and Reporting, e.g. “What data is included in audit log?”
• Implementation: e.g. “Describe support during implementation”
• Support Options, e.g. “Describe the problem reporting process”

Even if you are not issuing an RFP, you may find these helpful simply to ask your prospective secure messaging vendor.