Patient Specific Care Team Directory

Many mobile healthcare solutions incorporate a staff contacts directory into their product. However, as useful as this directory is, knowing who to contact relative to a specific patient, is much more unique and valuable.

What is the Patient Specific Care Team Directory?

MH-CURE incorporates a patient “specific” care team directory. In addition to the traditional contacts directory, users can view the entire care team specifically assigned to each patient within the patient details screen of the application.

To view a patient’s care team within MH-CURE, the user clicks on a patient name, and the patient’s full care team directory will appear. If a user has access to all patients, then they will be able to see the care team for every patient listed in MH-CURE. However, if a user has Protected Health Information (PHI) restrictions, they will only be able to view patients, and the corresponding care team, for the unit they are working in.

The patient specific care team is displayed by role with prominent headers to avoid confusion. The first group of care providers displayed is the “Dynamic Care Team.” This team is typically composed of hospital staff that is most frequently working with the patient such as the patient’s nurse, tech, and charge nurse. Beneath the Dynamic Care Team, if available, will be displayed the patient’s physicians, such as the attending, admitting, primary care provider, and consulting provider.

How are care team assignments made?

There are numerous ways for the care team assignments to be made. The Dynamic Care Team can be assigned to a patient through several methods depending on the hospital’s current workflow.

  1. If the hospital uses a staff assignment system, MH-CURE has the ability to interface with the system. This means that when a care provider is assigned to a patient in the hospital’s staff assignment system, the care provider becomes assigned to the patient in MH-CURE. This eliminates the need to make the assignment in multiple systems.
  2. If the hospital does not have a staff assignment system, MH-CURE has an internal assignment module. This module is simply an additional icon in the application when the software is deployed on an iPad.
  3. MH-CURE also has the ability to allow users to self-assign themselves to patients directly within the application on the phone. To match up with a hospital’s policies, this ability can be granted to some users and restricted from others through MH-CURE security permissions.

The attending, admitting, primary care provider, and consulting provider are all assigned to the patient through the EMR’s HL7/ADT interface. If a patient’s attending, admitting, primary care provider and consulting provider, are listed in the HL7/ADT message, then they will populate within the patient’s care team directory in MH-CURE.

How is the patient specific care team utilized?

When viewing the patient’s care team, you will see the user’s name, role, current unit, primary hospital, and status. The status shows whether the user is Online, Busy, Idle, Offline or Off-Duty. From here you can click on one of the patient’s individual care providers.

For example, you are the patient’s attending physician, and you want to contact the patient’s current nurse to ask about the patient’s current pain level. From within the patient details screen, simply click on the nurse you would like to contact. You will then have the option to text or call the nurse directly. You can also contact the patient’s entire care team by sending a broadcast message to the care team.

So why is the patient specific care team so important?

The ability to see who is caring for which patients, and then be able to contact them through text or phone with a couple clicks can dramatically speed clinical communication. Many times it takes several phone calls to figure out whom the care provider is, let alone finding the correct phone number to reach a colleague. Quick communication through MH-CURE means less frustration for care providers and improved work satisfaction. Quick communication may also allow providers to provide care faster, and to spend more time with patients. This can help to provide the highest level of care to patients, which may improve patient outcomes and satisfaction!

Security in Clinical Communications

Everyone is talking about security for mobility and patient centric communications. Our focus is on patient specific communications, and protecting information when caregivers need to have a conversation about a patient or share an image, video or text.  There are several areas that you should think about when evaluating clinical security data.  This blog touches on several of them.

Internal versus external storage of data

You need to ask yourself: Do you want to have all this data stored in the cloud on a server provided by the application vendor and shared by many organizations, or do you want to have all the patient data kept in your EMR (i.e. controlled by your hospital)? Most hospital policies mandate that all patient data be stored internally as it is easier to have an audit trail on who has access to the data.

Who can access the data?

Obviously, you want your caregivers to be able to access the data on an as-needed basis. So, you want to set up roles and permissions for each role. For example, who is allowed to see wound pictures and who can take pictures?  One important requirement is that these permissions need to be linked to the regular network and badge permissions. I recall a huge breach in a retail organization that was created when an employee left the company and his network credentials were disabled but his mobile application credentials were being used after he joined a competitor! The entire mobile project was suspended as a result of the breach.

Where should caregivers access the data from?

Some caregivers working on a shift will want to see that data while in the hospital, while others might want to have access from home or on the road. Setting up the correct security infrastructure to allow access from everywhere is always challenging and requires a knowledgeable vendor working with the hospital security team.  The goal is to keep the data encrypted and inside the hospital while allowing mobile devices to see the data from the outside. Considerations on where to locate the communications servers (i.e. DMZ – which is sort of half in and half out of the firewall versus opening access to server inside the firewall) are crucial discussions before installing the software.

What devices are allowed access?

Hospital-owned devices are easier to control and there are many MDM (Mobile Device Management) applications in the market that allow organizations to control these devices both in terms of security and profile. These applications allow you to decide what applications can be installed on the device, provisioning it on your network and disabling the device, if necessary.

Personal devices

With the BYOD (bring your own device) trend becoming popular, securing personal devices is becoming critical. If I am a physician using my mobile device, I don’t want anyone to install software that can control my device. The challenge therefore is not just to ensure the data is encrypted and proper credentials are used, but that it is the caregiver who is communicating and not someone who spoofed his/her phone.


I remember that, maybe 5 years ago, the entire security questionnaire was “just a checklist.” Since the data breaches in the last few years, having sophisticated tools and personnel to assess the security risks in a project is essential for the CIO of an organization. Having a data breach is the one sure way to ensure a very short tenure in an enterprise CIO position. If you want more details on how to set up your mobility program and testing against malicious penetration and denial of service attacks, feel free to drop us a line at