Brightsquid boosts secure messaging for doctors

By Rosie Lombardi

Rohit JoshiA Calgary company says it has solved the security issues in healthcare communications, and it’s growing dramatically now that Alberta-based doctors can bill for the time they spend on digital messaging. Started up in 2009, Brightsquid has over 30,000 users on its secure e-mail platform, and it’s adding about 1,500 new users every month. The company is also fostering innovation by opening its platform to app developers who need a tried, tested and true secure communications component to develop new products.

Brightsquid has spent years perfecting a secure communications platform that meets the most stringent requirements, says CEO Rohit Joshi (pictured). “We do about 7 audits per year for security compliance and to ensure that our procedures and processes meet and exceed standards.”

Thousands of Brightsquid’s longstanding users are actually based in the U.S., where security concerns are paramount due to the threat of lawsuits against clinics that fail to safeguard their patients’ data.

Demand for Brightsquid’s service exploded in Canada this year because Alberta introduced some new e-billing codes in April for communications doctors conduct with specialists and patients.

Doctors finally have both the right incentives and robust technology to communicate online, says Joshi.

“We have more work than we can fulfill right now in Alberta. And Ontario and B.C. have introduced similar e-billing codes.”

Brightsquid has a simple sign-up model that allows doctors to build their networks of specialist and patient contacts with minimal back-and-forth. For a monthly subscription fee of $30, doctors can communicate with as many contacts as they want.

“The recipient of a subscriber’s message has to join our service too because we have to manage security at both ends of the communication. A doctor sends an invitation so recipients can join his network of contacts, but there’s no fee at the patient’s end. Recipients can communicate back with the doctor who invited them without charge.”

Different validation checks are conducted on paying and non-paying users of Brightsquid’s system, he says. “When we get a new paying user, we confirm identity details in compliance with HIPAA requirements in the USA as well as with the Privacy Offices in Canada.”

Recipients of the paying user’s message have a simpler secure sign-on to join the network. “If they’re healthcare practitioners, they just have to provide their first name, last name, and address. For patients, we do a slightly different authentication there, where we challenge to provide the right birth-date on sign-on and other information.”

Once secure connections are established, doctors can easily send e-consult requests to other specialists and lab results to patients directly. Delays, wait times and administrative back-and-forth have been dramatically reduced in clinics that use Brightsquid, says Joshi.

“Imagine the efficiency that comes when you can cc the patient on a referral to a specialist. It sounds like such a normal and obvious thing, but now the specialist can communicate directly with that patient about the time for that appointment to occur, cc the GP and let the GP know that it has been taken care of. One e-mail out, one response back. No phone calls or fax exchanges needed.”

Joshi says developing privacy and security mechanisms are a major challenge for developers and start-ups. “When we meet with other companies about healthcare innovation, a consistent theme we hear is that they’re stumbling through the privacy requirements.”

To tackle this, Brightsquid is making its platform available to developers who want to build their applications on top of their platform to ensure they’re creating a system that complies with all privacy regulations.

Two apps are in the development pipeline already, and will likely be released by the end of 2016.

“It has cost us millions of dollars to create a secure and compliant system, and we hire hackers to test our security. However, if all we do is push through a secure-mail product, we’ve missed the opportunity to enable innovation to actually occur through our system.”

For example, Brightsquid is paying another company to build a dermatology app for the iPhone that allows doctors and dermatologists to send and receive confidential messages with images.

In this fashion, Joshi hopes to extend Brightsquid’s reach in interesting new directions beyond e-mail. “We’ve already made the investments needed to create a very secure system. Our message to innovators is: We have all of the backend you need to build a secure app.”

For more information, visit