In this episode, we’re pleased to welcome Anurag Lal, President & CEO of NetSfere, to discuss the true cost of secure healthcare communications.Learn how to listen to The Hospital Finance Podcast® on your mobile device.
Highlights of this episode include:
- How using instant messaging platforms can be risky
- Why compliance violations and healthcare data breaches have been on the rise
- Financial impact a compliance violation or healthcare data breach has on an organization
- What healthcare finance professionals can do to help in the decrease of cyber-attacks and HIPAA violations
- How much would a healthcare organization have to allocate for a secure communication platform
Kelly Wisness: Hi, this is Kelly Wisness. Welcome back to the award-winning Hospital Finance Podcast. We’re pleased to welcome Anurag Lal. Anurag is the President and CEO of NetSfere. With more than 25 years of leadership and operating experience in technology and mobile industries, he was appointed by the Obama administration to serve as a Director of the U.S. National Broadband Task Force, part of the Federal Communications Commission. He and his team of innovators are transforming everyday messaging technology into secure, highly scalable communication platforms. In this episode, we’re discussing the true cost of secure healthcare communications. Thank you for joining us today, Anurag.
Anurag Lal: Kelly, great to be on your podcast.
Kelly: Well, let’s go ahead and jump in, shall we? In fast-paced settings such as hospitals, email and telephony aren’t always the fastest way for staff members to communicate. So, they might resort to popular instant messaging platforms. Why is this risky?
Anurag: Well, first and foremost, in a hospital environment, like many other environments, communication is key. More so, when you are dealing with human lives and looking to provide the best possible healthcare, effective communication, instant communication is extremely important. The second aspect of this is not only is communication important, but you want to do it in a manner where it is widely available throughout your staff, whether that be your nursing staff, your physician staff, what have you, and available in a manner that’s convenient, easy to use, but more importantly, it’s secure. There are a lot of regulatory requirements that our healthcare system mandates, and all those requirements are for good reason. And then add to that, the heightened cyber environment that we’re all dealing with. We’ve seen so many stories in the past few years and months about how healthcare facilities have been held for ransom by third parties who are looking to kind of cripple the system for their own financial gain. Now you wrap all of that together, and healthcare facilities become ideal targets. And that’s why it’s imperative that when they do go out and look to deploy or make available or select communications platform, they don’t negate the importance of mobile messaging.
And again, mobile messaging is something that’s not new. Everybody’s been using it. We all do it on a day-to-day basis, but it’s become that much more important. It’s become important because of the Gen Zs who have been coming into the workforce. Regardless, everybody is using it because it gives you– again, we’ve seen data around this. We’ve seen data which tells us that if you use mobile messaging, it basically is responded to in an average of 15 minutes, which is immediate. And again, use the backdrop of a hospital environment and then you know how important mobile messaging is. And a lot of times, people forget the importance of mobile messaging in their communication surround, if you may. And so we have been propagating the importance of it, and more importantly, propagating the importance of selecting the right platform. Because if you don’t, if you go back to my opening comments where I talked about all the reasons why you should be using it, if you don’t select the right platform, you essentially put all of that at risk. You put patient care at risk because of the lack of effective communication. You put regulation and regulatory requirements at risk because the communications aren’t encrypted and secure and don’t conform to HIPAA, for instance.
And most importantly, you open a hole into the organization that can be leveraged by a third party for the wrong reasons, essentially creating a huge financial and intellectual liability for your organization. So for all of those reasons, it’s very important to provide the right solution and steer your end users away from using consumer apps who were never meant to deliver everything that I just talked about to an enterprise, especially a hospital.
Kelly: That makes a lot of sense. Why do you think compliance violations and healthcare data breaches have been on the rise in recent years?
Anurag: See, it’s for a number of reasons. First and foremost, through COVID, we accelerated digitization and the use of digital technologies across the board. And hospitals and medical facilities were no exceptions, right? And a lot of that digitization happened in a rush. And so sometimes not the right solutions were selected. And in that rush for digitization, a lot of times solutions weren’t deployed. So, end users within these facilities decided to use their own applications that they were familiar with. Again, these applications were consumer-based applications, never meant to be used in a hospital setting, never meant to be secure, never meant to be compliant, right? And that essentially allowed third parties to leverage cyber as a means of financial gain. Now, if go back in time, we’ve always had issues around phishing, cyber-attacks, and security breaches. But a lot of times, this was being done by small criminal organizations. But now, cyber has essentially become weaponized, and you have state actors leveraging that same platform. So, if you add up all the causes that I just laid out for you, it creates an environment that is extremely, whether you like it or not, risky. And for that specific reason, you have to deploy the right solution. And that’s why we’ve seen all of these instances skyrocketing because of a lack of the right solution and the lack of the timeliness of deploying the right solution.
Kelly: Completely agree. What financial impact does a compliance violation or healthcare data breach have on an organization?
Anurag: It’s huge. And especially in the case of healthcare, but across the board, if you’re a regulated organization, you have obligations by which you have to stand by. And that goes hand in hand with how you communicate, what you communicate, how you save those communications, how you archive those communications, right? Now, take it in the context of healthcare. That becomes that much more important because there’s very clear regulatory requirement and guidance, right? Now, these entities who come to you, leveraging cyber means, recognize very easily the importance of that data for that entity. So, they know if they hold that data for ransom, they will be able to twist the arms of the organization and force them to pay to unlock that data. And so we’ve seen instances skyrocket. And on one side, there are regulatory instances. On the other side, there are cyber instances. And the risk to an entity ranges anywhere from $4 million per incident to over $11 to 15 million dollars per incident. But regardless, the theme is simple. If you risk this, you will have to pay. So, you have to start taking this seriously.
Kelly: Yeah, the financial impact is quite substantial. What can healthcare finance professionals do to help in the decrease of these cyber-attacks and HIPAA violations?
Anurag: So first and foremost, they have to recognize that mobile communications is here to stay. Everybody has a smartphone. Everybody leverages it, whether you’re a physician, whether you’re a nursing practitioner or a nursing assistant, what have you, or a patient. Everybody has a smartphone, and everybody uses them to communicate. Their favorite communication platform within that smartphone is mobile messaging. I’m not making that up. There’s a recent Pew Research study that actually listed out the top 10 most-favored applications on a smartphone, and mobile messaging was number one. But entities, organizations, companies, medical facilities, hospitals were late in recognizing the importance of addressing that need within their organization. They felt by deploying the likes of whatever platforms that they’ve deployed that provide their employees a means to collaborate effectively will take care of this important segment as well. Guess what? Mobile messaging was not taken care of. It was not addressed. So, what happens? Nature finds a way, and employees bring in their favorite application and start using that to fill a gap, a gap that has been made available by the IT organization or the hospital or the enterprise themselves by not recognizing the need. And by introducing a consumer application, they open a hole. And when they open a hole, that creates a problem. So, they have to recognize that mobile messaging is extremely important. It’s the number one most-favored application on a smartphone.
And they have to start deploying applications and platforms that have been tailor-made for the enterprise, like NetSfere, that deliver a secure, encrypted, simplistic, easy-to-use messaging mechanism and environment that allows them to do what they want to do best in a simplistic manner while at the same point of time keeping the hospital secure, keeping their data secure, closing the cyber holes, and essentially saving the hospital from a regulatory embarrassment, negative publicity when they get hacked and when they get ransomware attacks or get locked out by a ransomware attack, and at the same point in time, are able to deliver exceptional patient care. Kelly, I’ll share with you a data point here. We have a lot of hospitals that are our customers. And not only have we allowed them to save, like I said, from a regulatory standpoint or from a cyber standpoint, we’ve also allowed them to effectively enhance their patient care and experience. A large hospital that’s using us across the board, across their nursing and physician staff, themselves came to us and told us that they were able to save between 20 to 30 minutes in an urgent emergency trauma environment, where the golden hour is so important, by deploying a solution such as ours. So not only are you protecting the organization, but you’re also ensuring your patients get the best chance and the best care. So why would you not do that?
Kelly: Wow. Yeah. Totally. Why wouldn’t you? When creating a fiscal budget, why should secure communication platforms be a part of it? And how much would a healthcare organization have to allocate for one?
Anurag: See, we’ve all recognized the importance of secure communications. We’ve also recognized that mobile is number one. We also understand that people who were late to the game, didn’t recognize that, and as a result, have not budgeted for it, right? And so, I think it’s important for people to, one, recognize this is important, two, understand they have to do something about it. They can’t put their heads in the sand and pretend this problem is going to go away. Guess what? It’s going to increase exponentially. And if you think your organization is safeguarded and won’t get hit, guess what? You’d be surprised and it’s going to happen sooner than later, right? So, let’s budget for it. In fact, I would actually encourage you to take budget out from some of your other projects and align it and assign it to more effective, secure mobile messaging today. Don’t wait for the next budget cycle. Come work with us. We’ll work with you to help you kind of manage that as well as you look to deploy NetSfere within your healthcare facility. Because waiting six to nine months is too risky. It’s too dangerous, and it’s not something I would recommend. You have a budget today. Try to reallocate. If you can’t, come talk to us. We’ll help you work that problem. If you don’t want to talk to us, you want to wait till you have a budget, then do so expeditiously.
Most hospitals, healthcare facilities, and companies have discretionary spending that is allowed in certain cases where there is a sense of an emergency. And guess what? This is as important as it gets. Now, with regards to how much you want to budget, our platform does not cost that much. Okay. We deliver a per-user, per-month model. It’s a cloud-based service. Anywhere between $7 to 10 to 15 dollars per user, which is nothing in the overall scheme of things. And then depending on the number of users you sign up for, that number obviously shifts downwards. So that will give you enough of an idea of how much you need to budget, depending on how small or large your organization is and how many people you want to deploy for. But do it now. Don’t wait for that attack. Don’t wait to be embarrassed. Don’t wait to put your job on the line. Do it. Make your end users happy. Make them more productive. Make them more effective. Give your patients a better care experience, and keep your organizations secure and compliant.
Kelly: You certainly make a good case. What features or qualities might one look for in an improved communication system for a hospital?
Anurag: First and foremost, it has to be easy to use. It has to be easy to use so people can pick it up and start using it immediately. We’ve built NetSfere– and years ago, when we first launched it, I tested it with my grandma, and I gave it to her. And she was using it literally in a matter of minutes. So, it has to be easy to use. Second, it has to be mobile first because that is the device of choice that everybody is using. Nobody wants to sit behind a laptop unless you’re forced to do so. If you have your phone in your hand, you want to be able to use it and use it in an effective manner. So easier to use, has to be mobile first. We built NetSfere mobile first. So, we appreciate the importance of that. Third, more important than that, is it has to be secure. Now, not just secure. It has to be secure leveraging end-to-end encryption. And when I mean end-to-end, I mean true end-to-end because people sometimes misrepresent what end-to-end effectively means for them. So, challenge your vendor when they come and say they have end-to-end encryption. It should be end-to-end, starting at the device, ending at the receiving device. And no way along the way should anybody have the means to decipher that communication or intercept it.
The way we built NetSfere, we encrypted end-to-end in a manner that even my engineers can’t read anything that goes back and forth. If somebody was to intercept it, it’d be gibberish. And obviously, gibberish can do no harm, right? So again, mobile first, easy to use, encrypted. And plus, I think it’s really important to make sure that we provide, within that messaging surround, enough of the capabilities, feature functionalities that end users are used to, like voice communication, voice recordings, archiving capabilities, because the regulatory requirements require you to be able to archive. All of those. And most importantly, out of all of that, also make sure the platform provides complete control to your IT organization. Because at the end of the day, they are responsible for selecting, deploying, and managing these platforms. And if you don’t give them the right tools to manage and control that deployment, they effectively can’t do their jobs. So that’s, again, a reason why we built NetSfere with a very powerful control mechanism that allows a hospital or an enterprise or agency’s IT organization to manage all aspects of how our product is deployed, used, leveraged, and managed on an ongoing basis. So, to recap, make sure it’s easy to use. Make sure it’s mobile first, encrypted, has all the productivity and archiving features that allows you to be compliant from a regular perspective. And finally, it also allows you to provide complete control to the IT organization.
Kelly: That’s a great list. Very comprehensive. We really appreciate you joining us today, Anurag, and for sharing your insights on the true cost of secure healthcare communications.
Anurag: Absolutely, Kelly. Happy to be here.
Kelly: Yeah. And if a listener wants to learn more or contact you to discuss this topic further, how best can they do that?
Anurag: I think the best place to go is to our website at www.netsfere.com, N-E-T-S-F-E-R-E dot com. You’ll find a whole bunch of case studies in there, use cases, examples of how we’ve gone out and effectively assisted, helped, and supported a range of different organizations, including healthcare organizations across the globe. And hopefully, you’ll be able to pick up on commonalities on what you do or what your requirements are, and what we’ve also addressed. But if you need to reach out to us, there’s also contact information available there. There are also great white papers. We’ve kind of partnered with a range of different analyst organizations who come and keep us honest, but at the same point in time, present to you aspects of what we do from their point of view, which I think is very useful to get a perspective on. So, our website is a great resource, and I would highly encourage anybody who wants to come take a look at–or reach out to us, connect with us on our website. We’re also on LinkedIn. That’s another great platform to connect with us. And once you reach out to us, we’d be happy to come meet with you, spend time with you, and help you address your secure messaging needs.
Kelly: Very good. Thank you so much for sharing that. And thank you all for joining us for this episode of The Hospital Finance Podcast. Until next time…
[music] This concludes today’s episode of the Hospital Finance Podcast. For show notes and additional resources to help you protect and enhance revenue at your hospital, visit besler.com/podcasts. The Hospital Finance Podcast is a production of BESLER | SMART ABOUT REVENUE, TENACIOUS ABOUT RESULTS.
If you have a topic that you’d like us to discuss on the Hospital Finance podcast or if you’d like to be a guest, drop us a line at firstname.lastname@example.org.