Blog

Doctor wearing stethoscope holding digital representation of public health, health IT, and the future of healthcare technology
Connecting the Healthcare Ecosystems: Interoperability, Healthcare IT, and HIMSS 2022 1024 430 Doug Rubino

Connecting the Healthcare Ecosystems: Interoperability, Healthcare IT, and HIMSS 2022

Despite the likelihood of no spring training games in Florida this year, I am still looking forward to some warm weather and sunshine during the upcoming HIMSS 2022 conference in Orlando!  As a veteran of the health information technology (HIT) community, I cannot think of a more exciting time to be a part of this industry, or to participate in next week’s conference.

One area that I am particularly interested in discussing and learning more about at HIMSS is public health. Specifically, how through technology and policy we can effectively enable the public health and general healthcare ecosystems to interact with one another.  To add some clarity, the general healthcare ecosystem is what most of us are familiar with and operate in today with respect to the delivery of care (e.g. local healthcare integrated networks, primary care physicians, pharmacies, etc.). Public health data systems are critical sources of actionable information used by federal, state, tribal, and local public health agencies to protect communities against infectious and non-infectious public health threats. A clear gap emanating from the COVID-19 pandemic was the need for greater degrees of interoperability between these two systems.

Due to the COVID-19 pandemic, the Centers for Disease Control and Prevention (CDC) recognized that the public health IT infrastructure was antiquated and in desperate need of an upgrade. In response, the Data Modernization Initiative (DMI) was launched.  Goals of the DMI include upgrading the public health IT infrastructure, accelerating the collection and analysis of clinical data, and developing a cutting-edge IT workforce.  Through these developments, the DMI fills technology and policy gaps by enabling greater degrees of information sharing, interoperability, data analysis, and detection, with the goal of driving positive patient outcomes, and lifting the overall public health of communities nationwide.

There is much discussion around enabling greater degrees of interoperability between the general healthcare system and the public health system. In other words, how can we improve upon the collection and aggregation of data from providers followed by the requisite analysis and reporting to be followed by the dissemination of actionable data back to the healthcare system and communities?

Electronic Case Reporting (eCR) is one of many use cases describing this data flow between healthcare providers and public health agencies around reportable conditions. eCR is the generation and transmission of case reports from a provider’s electronic health record to a public health agency for evaluation, analysis, and action.  As you would imagine, during the COVID-19 pandemic, the number of COVID-19 eCRs transmitted between providers and the CDC skyrocketed.  To illustrate this point, in January 2022 at the peak of the Omicron variant, 30,000 COVID-19 eCRs were transmitted through DataMotion to the CDC every HOUR!  Suffice it to say, the importance of a robust, scalable and modernized information technology architecture is vital to ensuring continuity between the public health sector and the general healthcare ecosystem.

In keeping with the baseball theme, since the onset of the COVID-19 pandemic, DataMotion has served as the nation’s catcher’s mitt for receipt of COVID-19 eCRs and their subsequent transmission to the CDC.  In our role as a Health Information Service Provider (or, HISP) DataMotion has facilitated the transmission of COVID-19 data aggregated from public health laboratories and providers across the nation over the DirectTrust Network to the CDC for analysis and reporting.  In 2020, approximately 10% of the nation’s COVID-19 lab results were routed through our HISP to the CDC as part of the nationwide testing efforts.

These are just some of the thoughts that are top of mind for me as I go into HIMSS next week. Whether you are attending in-person or virtually, I welcome the opportunity to meet and discuss where DataMotion has helped to foster greater degrees of interoperability. Please feel free to book some time on my calendar for an onsite or virtual meeting.

Looking forward to seeing you next week!

Healthcare: A Digital Temperature Check from a First-Time HIMSS Attendee 732 312 Christian Grunkemeyer

Healthcare: A Digital Temperature Check from a First-Time HIMSS Attendee

While I’ve been attending trade shows and networking events for over 15 years, next week will mark my first time attending the national HIMSS conference! I’m excited to attend for many reasons, but first and foremost, I’m truly looking forward to discussing how technology can help improve patient outcomes, a major topic since the introduction of Meaningful Use Stage 1 in 2010. Meaningful Use Stage 2 was introduced in 2012, bringing attention to the need for secure and frictionless digitizing of medical records. In addition to the secure transport, this approach also makes it easy to receive those medical records, lending itself to a seamless transition of care and in turn, helping improve patient outcomes. In today’s blog post, I will dive deeper into this topic, speaking to DataMotion’s involvement in making health information exchange and medical record transmission and receipt a smoother, simpler experience while maintaining security and compliance.

As an accredited HISP (Health Information Service Provider), DataMotion is a major player within Meaningful Use Stage 2, providing Direct Secure Messaging and enabling secure, easy exchange for HIEs (Health Information Exchange), providers, and vendors. As defined by DirectTrust™, Direct Secure Messaging is a secure communication transport for clinical information over the open Internet. DirectTrust describes Direct Secure Messaging as having a similar appearance and function to regular email, but the contents are encrypted via digital certificates and PKI (Public Key Infrastructure). Only the sender and intended recipient are able to decrypt and read the message. DirectTrust further explains that Direct Secure Messaging is a widely-deployed and accessible method with which to communicate sensitive, health-related information, promoting interoperability between disparate systems and organizations within the healthcare ecosystem.

With almost three million Direct addresses in use today, focus has shifted from digitizing transitions to creating a smooth, user-friendly experience and improving patient outcomes based on digital data. DataMotion has had a lot of enlightening conversations with public health IT providers that are leveraging data to provide public health agencies with rapid critical insights in their ongoing battle against the COVID-19 pandemic. But it goes beyond just COVID-19. What if we could pinpoint exactly where a viral outbreak started based on testing data alone? One goal is the ability to transmit sensitive health information securely and leverage healthcare standards like ICD-10-CM/PCS Medical Coding to get us the *right* information without compromising PHI (Personal Health Information) or PII (Personal Identifiable Information).

Today, DataMotion’s Direct Secure Messaging securely transmits millions of messages on a monthly basis, including flu and COVID-19 test results, immunization data, and much more. But Direct doesn’t just have to be clinical EHR (Electronic Health Records) communications–there are so many more possibilities. And these possibilities are precisely why I’m so interested in speaking with population health vendors to better understand how they’re serving their communities.

The pandemic quickly accelerated digital transformation for organizations in all industries, particularly the healthcare ecosystem. COVID-19 highlighted the need for touchless, digital communications in healthcare, especially when dealing with PHI and medical records. This has ushered in a wave of process evaluation and change. Call centers have found that they need to empower their agents to securely communicate with members in a way that’s seamless for both the agent and the member. Another challenge was faxing. Faxing medical records quickly became more difficult during the pandemic, thanks to an almost-exponential influx of patients, increased communications with policy holders, and a virtual army of field nurses working remotely without a home base of operations.

DataMotion is at the forefront of helping health insurance payors communicate seamlessly and securely with their members through secure, natural, familiar ways of communication. Digital communications via chat, email, and document sharing applications have become rapidly normalized, and will continue to expand in the coming years. I’m excited to hear how organizations are integrating these functions into day-to-day applications and systems, and hope to discuss further at HIMSS.

With this being my first HIMSS conference, I’m equally excited to speak with new, emerging health IT vendors, as well as established players in the space. We’re all working together to achieve the common goal of improving patient outcomes through faster and smoother exchange of secure digital communications and health records. I gladly invite anyone to schedule some time to speak with me at the show – you never know what either of us will learn!

Business scheduling unrecognizable woman working
Customer Case Studies, GitHub Tips, and More: DataMotion’s February Hot List 732 312 Andrea Meyer

Customer Case Studies, GitHub Tips, and More: DataMotion’s February Hot List

Happy March, readers! As always, we hope that this blog post finds you well.

The DataMotion Blog hosted articles on a variety of topics in February, including the latest GitHub aggregate, three security-minded New Year’s resolutions every business should make, and the second installment of our Meet the Secure Message Center series.

The new month has ushered in a major news item for us–we are proud to announce that DataMotion’s secure mail and Direct Secure Messaging are now HITRUST CSF Certified! Read more about our latest certification in our press release which went out earlier this week. Learn more about HITRUST.

Finally, Team DataMotion’s Doug Rubino and Christian Grunkemeyer will be heading south to sunny Florida to attend HIMSS22! Doug and Christian are excited about this year’s event and look forward to meeting with other attendees to discuss challenges and opportunities in healthcare. We invite you to set up an onsite or virtual meeting with Doug or Christian to learn how DataMotion’s platform helps healthcare organizations modernize internal processes and improve the client and patient user experience, all while helping you stay within regulatory compliance.

And now, without further ado, we present the February Hot List.

What You May Have Missed in February

Elevating Efficiency and the Customer Experience: Meet DataMotion’s Secure Message Center Inefficient internal processes. Lagging response time. A sub-optimal customer experience. What do these have in common? These were some of the challenges and pain points that our customers had before becoming customers. In this blog entry, Christian Grunkemeyer continues the Meet the Secure Message Center series with some real-life customer case studies. In case you missed it, be sure to read part one of this series.

GitHub Enrichment: 4 Tips for Efficiency and Security We recently wrapped up our latest Hot Tips series on social media, where the DataMotion dev team shared some of their recommended tips and tricks for using GitHub, including scanning for secrets and comparing repo versions. In case you missed part one of the series aggregate, you can find it here.

Three New Year’s Resolutions to (Securely) Achieve Business Goals It’s never too late to set goals for your business. The year is still young, and DataMotion’s Sarah Parks has gathered three solid recommendations to help your organization meet your goals, and has provided additional learning materials for a deeper dive. (In case you missed it, stop by this blog post from January, where we share recommended New Year’s resolutions for developers.)

We’re Hiring

DataMotion is growing! We’re looking for a group of talented folks to join our team and have a number of open roles. Stop by our careers page to learn more about the requirements for each, and how to apply.

That is about it for this month’s Hot List. As always, we encourage you to follow us on LinkedIn and Twitter for more Hot Tips, as well as industry news, insights, thought leadership, and company updates. We also invite you to subscribe to the DataMotion Newsletter to have all of the above and more delivered to your inbox once a month.

Thank you for an outstanding February, and we look forward to seeing you in March!

Coworkers in office smiling and looking at laptop and ipad
Elevating Efficiency and the Customer Experience: Meet DataMotion’s Secure Message Center 732 312 Christian Grunkemeyer

Elevating Efficiency and the Customer Experience: Meet DataMotion’s Secure Message Center

No matter your org type or industry, your customer (or patient, policy holder, or client) is royalty. I say royalty because while you undoubtedly strive to provide them the royal treatment and a smooth customer experience, let’s face it—depending on your industry, compliance is king. And accommodating regulatory considerations can add hurdles to both internal and customer-facing processes, leading to a less-than-optimal experience for clients, and internal inefficiencies.

That is where DataMotion’s solutions and APIs, notably the secure message center, come into play.

In this second installment to the Meet the Secure Message Center series, we take a deep dive into three real-life customer use cases. Each organization is in a regulated industry and sought to improve their customer experience and simplify internal processes while remaining within their industry’s regulatory compliance.

Ensuring an Optimal Insurance Experience

A healthcare insurance start-up had compliance-related, internal efficiency challenges that interfered with the customer experience. The challenges they cited are not uncommon in the sector, where organizations are under strict data protection regulations. But the need for secure and compliant data exchange led to additional steps for both staff and customers. Here is an example, starring customer service reps named Agent A and Agent B, and Mrs. Smith, a policyholder.

Mrs. Smith needs information about her health insurance policy. Agent A will start the call by asking for some basic info—name, member id, etc. When Mrs. Smith asks her question, the agent might need more information, such as a snapshot of a prescription and other sensitive information, so the agent can look up records and eligibility. Because personal identifiable information (PII) is involved, Mrs. Smith would need to send this data securely via email. Below are the steps the agent would need to complete to accommodate Mrs. Smith:

  1. Leave the call center app
  2. Go into Outlook
  3. The next step involves sending a secure email to Mrs. Smith. A separate system is used to send an encrypted email, and including “Secure” in the subject line, triggers the encryption
  4. Send the email to Mrs. Smith
  5. The encrypted email sent to Mrs. Smith includes a link to the secure portal

That’s a long list, and a significant gear switch in the agent’s workflow. But Mrs. Smith also has a few steps to follow:

  1. Upon opening the email, Mrs. Smith needs to click the link to the new portal and create an account
  2. The account setup includes a username and password, along with other registration information
  3. She then logs into the portal
  4. After logging in, Mrs. Smith navigates an unfamiliar portal
  5. Mrs. Smith starts questioning her entire existence, and every decision she has ever made
  6. Mrs. Smith then uploads and submits the information, then logs out

But life happens. In Mrs. Smith’s case, let’s say the phone rang after she sent her information, and she needed to take this call.  After hanging up, Mrs. Smith calls the insurance company to say, I’ve sent my information, please let me know the status of my inquiry. But Agent A is not available, and Agent B is now taking the call. Because Agent B does not have access to the encrypted call notes and communications, the entire process must start all over again.

All Mrs. Smith needed was an answer to a question, and is not what you would call “happy.” Agent B is confronted with a frustrated customer and wants to help, but has no access to the encrypted communications or encrypted records.

After implementing DataMotion’s secure message center, this is what this process looks like:

  1. Mrs. Smith logs into the company’s standard customer portal using her regular credentials
  2. Mrs. Smith uploads her information and clicks submit
  3. Mrs. Smith is done, eliminating a potential existential crisis

The process has been considerably streamlined for everyone involved. The secure message storage repository allows other agents access to see where a previous agent left off. Creating a simple, seamless experience and cutting down on the time it takes to submit and resolve issues has led to much better internal efficiency and improved customer satisfaction.

A Wealth of Customer Experience Opportunities

A wealth management company was using a traditional secure exchange solution. But clients were becoming increasingly tired of having to log into a third-party portal rather than the company’s native customer portal. Customers complained about additional steps, as well as forgetting the username and password that were required. The firm tried new solutions, including redesigning their own secure message and document exchange functions. But the company was clear, as discussed in part one of this series–they are not software developers.  They want to focus on their core competencies and did not want to apply the resources to develop this type of application.

DataMotion was able to meet the company in this use case’s needs by integrating the secure message center into their existing workflow. During the initial discussion, we walked the firm through our basic, secure email functionality and talked about SafeTLS. (In case you’re not familiar with SafeTLS: remember our wealth management client in part one of this series, who sent and received messages through a highly-secure tube system? SafeTLS is basically this, and established email encryption from the advisor’s email server to clients for back-and-forth discussion.)

While many customers requested not to use the unfamiliar portal, others were fine with it, but wanted an easier process. We were able to accommodate this by integrating the third-party portal with the firm’s single sign-on (SSO). When clients log in, they only need the credentials they use on the firm’s website.

For this firm, flexibility was essential. While the secure message center will accommodate a company’s existing workflow, in this case, the firm did make a few changes, and dropped a couple of applications. In addition to a simpler process for customers, one key element was that customers and advisors alike could now send much larger messages than before, as they were previously limited in this capacity.

Merging Security, Compliance and Ease

Mergers and acquisitions involve more than creating a new company letterhead and business cards. There are internal adjustments to be made—including integrating different systems. The challenges in the next secure message center use case involve implementing a smoother, more efficient secure communications flow for clients and CSRs (customer service reps) and accommodating the secure communication needs for over a dozen departments, bringing them all into compliance.

The company is a public consumer finance company (read: a highly regulated sector). Like many companies in this vertical, our client had a self-service customer portal. While customers could access general account information via the portal, there were no secure exchange capabilities.

As mentioned above, there were over a dozen departments of varying sizes using disparate systems from multiple vendors to communicate with clients. This hodgepodge of disconnected systems could not “talk” to one another and needed a central hub to uniformly secure and track each transmission for compliance. As a result, the customer experience looked a little something like this:

  • Customer inquires about status of loan application, and needs to provide sensitive information
  • CSRs must obtain permission to respond to the inquiry, as there is sensitive information involved. This is a long and arduous process—if they cannot send secure messages today, they needed to speak to the security team. Then, the CSR must speak to numerous individuals to request and obtain licenses for a secure inbox, change orders, inbox requests, FTP access, creation and exchange for new credentials, etc.
  • Because of disconnected systems between departments and the number of hoops to jump through and approvals needed, permission could take up to two weeks
  • Customers could therefore wait weeks for a response
  • Nobody was happy. Nobody.

Staying both compliant and efficient was an ongoing burden for the InfoSec team. They needed a cost-effective solution to connect departments while keeping the same workflow and allowing secure exchange with customers. DataMotion worked with the company and took a “fit for purpose” approach, meaning that they could integrate security into their existing systems rather than dismantle the infrastructure. Both customers and staff can continue to communicate in the environments familiar to them, but cut down on response times while keeping information secure, and staying within regulatory compliance.

Securing a Compliant, Simple Experience

To sum up: if your organization is in a regulated industry, compliance is the order of the day. But it doesn’t have to trump the customer experience, nor does it have to create inefficiencies in internal workflows. DataMotion’s secure message center helps you stay compliant and efficient, giving your customers an easy, seamless experience.

We’ve talked about the secure message center’s role in helping regulated organizations remain within compliance but that is not the only reason to consider implementation. In my next series installment, we’ll take a look at some other secure message center use cases where the solution benefits your organization, whether or not bound by regulatory compliance. In the meantime, if you would like to learn more about this and DataMotion’s other solutions, please reach out to me, or to our larger team of experts. We are always happy to assist!

Be Sure To Read the Other Parts of This Series:
Businessman and woman looking at whiteboard with business goals and strategy written on the board
Three New Year’s Resolutions to (Securely) Achieve Business Goals 732 312 Sarah Parks

Three New Year’s Resolutions to (Securely) Achieve Business Goals

While January may have ended, and Punxsutawney Phil has already deemed that six more weeks of winter are coming, it’s never too late to set goals and resolutions for the upcoming year. In a previous blog post, Heather Post offered four new habits for developers to adopt in 2022. This time, our suggested resolutions are for those of you on the business side of your organization. We fully expect that by now, you’ve already charted out your list of goals for the year and outlined how to achieve them. And if you’re like most in the wealth management and financial services verticals, then your goals likely relate to improving efficiency and strengthening client relationships.

The team here at DataMotion has over two decades of experience helping others achieve these objectives. With the advice of a couple of our business-side team members, we’ve compiled a list of three resolutions to help you achieve your goals, while reducing the risk of regulatory fines or data exposure.

Without further ado, below are three resolutions to commit to in 2022.

Three Resolutions to Stick to in 2022

Put Yourself in Your Client’s Shoes

Your team spends a lot of time thinking about how to improve your customer/patient experience. Often, so much that as you generate new ideas, it’s easy to get tunnel vision and overlook what is actually best for your clients. As we’re still in the infancy of 2022, it is an excellent time to step back and look at your strategy from your clients’ perspective. In this vein, let’s consider the following scenario:

Your organization has recognized that customer inquiries are not easily submitted, and has addressed this by adding a messaging channel to your existing mobile app. This is a great feature, and your clients will (likely) be thrilled with the new experience. But this feature might not be the silver bullet you think it is, especially if it isn’t secure. If your clients’ main complaint is that it’s difficult to submit and resolve account questions that contain sensitive information, and they’re still required to pick up the phone or log into a separate web portal to get these questions answered, then this simple, unencrypted message channel may be a shiny new feature that quickly loses its luster. Whereas had you added a secure message center that allows for these sensitive exchanges to occur, these complaints would have been addressed and resolved. Thus, increasing client satisfaction and loyalty to your organization.

How can you put yourself in your clients’ shoes to avoid this scenario? One way to better understand the customer process is to study the pain points your clients have, and how they want to see them resolved. If you notice a pattern of a universal grievance and suggested solution, then you’ve likely just discovered two key pieces of information in improving the customer experience: a bona fide customer experience problem, and a potential resolution.

Feedback evaluation is one of the best methods to understand client needs and wants. You can gather this data via various methods, including surveys, face-to-face communications (think advisor to client), focus groups, and even social listening. If you don’t already have any of this data on hand, then as part of this resolution, we recommend developing a plan to begin collecting it. Here are a couple of our favorite sources about how to get started:

We recognize that even when you’ve done your research to determine your clients’ needs, limited resources and compliance challenges can make it difficult to truly put your clients first and resolve their complaints. While these are all potential hurdles that you’ll need to overcome to accomplish this resolution, none are showstoppers. Here are a few resources, as well as an example of a company overcoming security and compliance challenges, to help you address some of these possible problems:

Keep It Simple

Between managing your career and your personal life, as well as trying to find time for yourself, it’s easy to become overwhelmed. Save yourself some time and ease *some* stress by remembering not to overcomplicate things. Make it a point to keep things simple this year, try not to overthink or make easy tasks too complex. Likewise, look at processes that are currently causing you or your team frustrations. Are they more difficult than they need to be? If the answer is yes, determine the cause of the problem, then make a plan to simplify it.

Let’s look at this with a basic example. Your team has a spreadsheet that is updated weekly. Currently, team member A updates their portion of the spreadsheet, then passes it to team member B, who inputs their data. This pattern occurs until every member has done their part. The simple solution is to move the spreadsheet to the cloud so team members can access the document, update their information, and complete their task at their own convenience. You could also consider setting up automated notifications that trigger once the spreadsheet is modified or, if actions need to be completed in a specific order, you may consider automating to do items. Whenever team member A completes their portion, a notification and a new task are automatically created for team member B, and so on. If you’re a Microsoft user, something like this can be done using Power Automate.

A word of caution: let’s say the notification sent in the previous example contains sensitive data. To avoid compromising its security, we’d recommend consulting your team of developers and consider using DataMotion secure message center APIs or our secure message delivery API. Each option will allow you to streamline these processes while tackling potential security vulnerabilities.

Streamlining processes can sometimes be time-consuming and complex. We get it. The last thing you want to do is overwhelm yourself while trying to simplify you and your team’s activities. Consider committing to simplifying at two least two tasks per month that you feel can and should be streamlined. By simplifying tasks (and selecting a small number at a time) you will reduce frustrations amongst your team while opening up bandwidth to focus on other tasks.

Unlock New Knowledge

You’ve probably heard the saying “education is the key to success” countless times, and you’re going to hear it again right now. Education is the key to success. Make a commitment this year to learn something new each day. For example, you may decide to increase your personal knowledge to advance your career by taking an online course (LinkedIn Learning and Harvard Business School Online are two good places for this). Alternatively, you may choose to learn more about your customers or industry by browsing market studies, industry reports, and current industry news. Here are a few good places to do this:

Finally, if you’re in a regulated industry and exchange sensitive data, it’s a good idea to pay attention to the news to learn about newly-discovered device vulnerabilities, vendor data breaches that may impact your enterprise, changes to industry regulations, and more. Speaking of the news, you will also want to keep your organization from ending up in the headlines for the wrong reasons, so stay on top of what you can do to keep your client’s data secure. Here are a few solid resources:

We highly recommend stopping by the DataMotion Blog, where we publish helpful tips and techniques for protecting your data’s security. As a starting point, check out our blog posts on the rise of Ransomware as a Service (RaaS), business processes that may be putting your data at risk, and an overview of the zero-trust model and how we use this strategy at DataMotion.

Are You Ready to Take On 2022?

Setting resolutions is easy, but sticking to them is harder. As you embark on your way to adopt one (or all) of these resolutions, set yourself up for success. Start small and set up a plan to act upon your resolutions. Remember, it takes twenty-one days to form a habit. Stay focused, and your resolution will become a natural part of your routine.

If you’re ready to get started on these resolutions, be sure to tour our services or reach out to our team of experts to learn how you can improve your client’s experience and simplify processes, while protecting the integrity of your sensitive communications. Also, for more helpful tips, as well as industry news and views, follow DataMotion on LinkedIn, Twitter, and Facebook. And don’t forget to subscribe to our newsletter for monthly insights delivered to your inbox.

happy group of business colleagues working together on code development in cafe
GitHub Enrichment: 4 Tips for Efficiency and Security 736 312 Heather Post

GitHub Enrichment: 4 Tips for Efficiency and Security

The GitHub platform is used by over 52,000 companies worldwide, including Team DataMotion. Why, you might ask? Because GitHub’s source code management and version control functionalities make it super-easy to add and contribute to your projects. For developers working in a group and sharing responsibilities, it’s essential to push code changes quickly and efficiently. As we know all too well, delays can have a ripple effect as others on the project may need your work to be completed before moving forward.

By enhancing your version control knowledge, you can quickly add new features and bug fixes to a project and avoid these slowdowns. In addition to efficiency, by building your GitHub knowledge you can take the incentive to ensure there are other controls in place on your repositories, such as security policies and safety nets. With cybercrime and insider threats on the rise, DataMotion and many other large corporations consider these security features to be essential for any GitHub repository.

Four More Tips to Improve Your GitHub Experience

To help you build this knowledge, the development team here at DataMotion has put together a list of tips and tricks to help you utilize GitHub to its fullest potential. If you are just joining in, this blog post is the second in a two-part series summarizing the tips we’ve shared over social media. You can find a quick GitHub overview, as well as the first of the series of tips and tricks, in our first blog post.

These tips are intended to enhance an already-basic knowledge of the GitHub platform, but for those of you who are still pretty new to GitHub and would like more information on how to get started, we recommend you visit their quick start guide. Otherwise, let’s continue and review four new GitHub tips that will help secure your repositories, increase efficiency, and enhance collaboration.

GitHub Tip #5 – Limit Repo Access

The fifth tip in our series is to limit who has access to your repositories. Limiting who has access is an important security strategy known as a Least Privilege Model (LPM) implementation. In essence, you are allowing only those who need access to the repository to have that access and therefore are cutting down the possibility of an insider threat.

The first step is to ensure the visibility of the repository is set to private, rather than the public setting that grants everyone access by default. To do this, navigate to the repository you would like locked down. Once on the repository, select “Settings” then scroll to the bottom of the screen where you will find a “Danger Zone” section. In this section, select “Change Visibility” and choose the “Make Private” option.

Once your repository is private, you will be the only user with access. From here, you will want to assess who on your team should also have it, then make them a contributor. You can do this by scrolling to the top of “Settings” and choose “Manage Access” on the left-hand side menu. A new page will display; in the page select the green “Add People” button within the manage access section.

To limit who has access to and to secure your repositories, go to your GitHub profile settings. Then manage access. Then click the "Add People" button

From here, you can search for the persons you would like to have access and contribute to your project.

Now only those who need access to your project will have it, reducing the chance of an insider threat.

GitHub Tip #6 – Scan Your Code

Continuing with security and efficiency in mind, our next tip is to scan your code once it is added to your GitHub repository. You can utilize CodeQL (or another third-party tool from the marketplace) to set up code scanning. This means CodeQL or another third-party scanning software program will crawl your code and identify errors or possible vulnerabilities within your code once it is pushed to GitHub. Note: CodeQL does have compatibility with VSCode as well.

When using CodeQL, these vulnerabilities and errors are found using queries. You can utilize queries created by GitHub and community contributors or create your own to use during these scans. Scans may identify errors in data flow, structure, and syntax. Custom queries can be used to search for errors unique to your organization, such as a query that may search for instances of a deprecated company URL. Searching for these vulnerabilities will keep your code clean and help thwart attacks in the future.

GitHub Tip #7 – Scan for Secrets

In addition to scanning for vulnerabilities, you can tighten security by scanning for secrets as well. To configure this setting within GitHub, navigate to your repository and select “Settings” followed by “Security and analysis”. Then, next to “Secret scanning” click “Enable”.

Doing so will ensure that no sensitive tokens or private keys that may grant permissions are pushed to your current repository. Therefore, you can ensure that sensitive data, as well as permissions, stay locked down.

Quick Note: This feature is automatically enabled for all public repositories (thankfully!). For private repos, you will need an advanced security license to enable this feature.

GitHub Tip #8 – Compare Repo Versions

While developing and continuously pushing project changes, you may find that you need to look at changes on a specific branch of your repository and compare it to the main branch. Therefore, our last GitHub tip in the series is how to efficiently do this from the version control platform.

To compare repository changes with another branch, add “/compare/branch1..branch2” to your repo path. For example, you can navigate to github.com/HeatherPost/GitHubTesting to see our latest repository. Then navigate to github.com/HeatherPost/GitHubTesting/compare/main..TestBranch to see the changes made on our test branch.

There is also the ability to compare two commits as well. To do this, use two dots to separate the version numbers. For example to compare commitA and commitB you would navigate to github.com/HeatherPost/GitHubTesting/compare/commitA..commitB.

Final Thoughts

Congratulations! You are on your way to becoming a GitHub master. With these tips and your new skills, you can now add security and efficiency features to your GitHub repositories and code. As a final tip, we recommend trying each of these suggestions out on a test repository before implementing in your current and future projects.  Once you’ve had a chance to test drive these tips for yourself, you will be ready to go!

We’ll be back soon with the next series of tips and tricks, which are all geared toward enhancing and broadening your skillset. These will be posted on DataMotion’s Twitter, Facebook, and LinkedIn pages every Tuesday. As always, we will be sure to summarize each set of tips in an easy and convenient blog post. Keep an eye out!

You can find DataMotion’s open-source projects, Postman collections and libraries on our GitHub. To find out more on how our secure message APIs can help you, visit datamotion.com today!

Businessman working on laptop and taking notes
Office Reopening and Developer Resolutions: The DataMotion January Hot List 732 312 Andrea Meyer

Office Reopening and Developer Resolutions: The DataMotion January Hot List

January is a time for catching up on the post-holiday checklist—responding to emails, getting meetings back on the calendar, diving back into tasks and projects, etc. With everything going on, you may have missed the launch of DataMotion’s newest solution, VxRM. VxRM helps employers safely reopen their offices with the secure, efficient, and compliant collection and reporting of employee COVID-19 data. We spoke more to VxRM and its benefits and provided a user overview in the DataMotion Blog this past month. You can also learn more about VxRM here.

By leveraging our existing secure message delivery APIs, Team DataMotion was able to develop, test, and launch VxRM in a matter of weeks. We encourage you to learn more about how our APIs can help your organization quickly innovate—in addition to visiting our site, please feel free to reach out to our team of experts, who are happy to assist.

Time to catch up on what you may have missed in January in the DataMotion Blog!

What You Should Have Been Reading in January

Four New Year’s Resolutions to Become a Better Developer January isn’t just for the post-holiday catch up. The nascence of a new year is a prime time for setting goals and making resolutions—both personal and professional. But resolutions without an action plan are just dreams. In this post to the DataMotion Blog, Developer Advocate Heather Post shared four recommended resolutions for developers for 2022, and the steps to turn them into reality.

VxRM: Easily Collect and Report Employee COVID-19 Data Whether your organization is planning on a full office reopen, a hybrid model, or just bringing staff together for meetings or in-person events, you will want to ensure that your return-to-office strategy is executed safely. This means collecting and reporting on employee COVID-19 data. But collecting information such as this goes beyond sending an intern desk-to-desk—this data is protected by HIPAA, ADA, GDPR, and other regulations. In this entry to the DataMotion Blog, Heather Post shares an overview of the challenges around collecting and reporting this data, and how VxRM can help your HR staff do this quickly, easily, securely, and within regulatory compliance.

An In-Depth Look at the DataMotion VxRM Platform In the previous blog entry, we offered an introduction to VxRM, and its benefits to employers seeking to safely reopen their offices. In this follow-up entry, Heather Post continues the discussion around VxRM, sharing an overview of the user experience for both employees and admins, as well as a glimpse at the powerful admin dashboard capabilities.

Other Things You Should Have Been Reading

The DataMotion Blog published entries covering a number of topics in 2021, including the zero-trust strategy, the rise of Ransomware as a Service, the data breach risk factors lurking within your processes, and takeaways from conferences such as HIMSS and ITC Vegas 2021. We curated these and other items we thought you might find of interest and created two aggregates to wrap up 2021:

DataMotion 2021 Year-end Hot List: A Year of Collections

DataMotion 2021 Year-end Hot List, Part 2: Editor’s Picks

Coming in February

We’re going ahead full force in February with a number of new blog entries, including a few words of wisdom for our business folks to help you achieve new goals in 2022, and a closer look at the DataMotion secure message center. We’re also moving ahead with the next installment of our social media Tip Tuesday Hot Tips series, where Heather Post and our developer team share their tips and tricks for using API testing platforms. The next installment, featuring Microsoft Visual Code Studio, will launch soon and you can find it by following us on LinkedIn, Twitter, and Facebook.

Finally, don’t forget to subscribe to the DataMotion Newsletter, which delivers thought leadership, industry news and insights, DataMotion updates, and more to your inbox once a month.

Thank you for a great January, and we’re looking forward to seeing you in February!

Developer sitting at desk with a laptop and coffee mug in front of him. Lines of code are written on the blue wall behind him and pieces of paper are taped on the wall.
Four New Year’s Resolutions to Become a Better Developer 732 312 Heather Post

Four New Year’s Resolutions to Become a Better Developer

Many see the start of a new year as a life.restart(); execution, and a time to create new habits that will bring success. With this in mind, I created four New Year’s resolutions that will help you build great habits, stay organized and become a better developer in 2022. Some are habits that I have found to be extremely helpful in my career, and others are suggestions from our engineers here at DataMotion that, for them, have made all the difference. To help these resolutions survive past January, I will also provide you with some helpful tips on how to achieve each below.

These timeless New Year’s resolutions will help you build your skills, career, and gain a work-life balance. Get your champagne ready because we’re going to ring in a new year full of success and achievements!

Let’s dive in.

2022 Resolution #1: Expand Your Knowledge

My first recommended New Year’s resolution is to take time to explore and develop skills in a new side of the technology field. For example, if programming is where you’re most resourceful, you may want to expand your knowledge and skill set in networking or operations. Expanding your knowledge provides a bigger picture on how your software will work in the grand scheme of things. Making a habit of expanding your knowledge and skill set will also make you a better, more marketable developer and allow you to become more resourceful in your current position.

If you’re still starting out in the programming world, you might want to take another step towards becoming a full stack developer. This doesn’t mean you have to choose a full stack role going forward, but this will give you flexibility in your current position as well as in future endeavors. For instance, if your current forte is front-end development, learning back-end development can be extremely useful. Understanding back-end development will again give you insight into how your DOM objects are being used. Doing so will also allow you to make your front-end work exactly as you have imagined as you will have control over how front-end objects are manipulated.

To help acquire new knowledge and skills, you can find courses on Udemy, Coursera, and YouTube. You can also find a wide array of blog posts online. Some courses might be a paid venture, but there are many free online alternatives. I am personally a big fan of w3schools.com, developer.mozilla.org and, of course, StackOverflow.

2022 Resolution #2: Personal Projects

Once you have learned a new skill or two, repetition and cycles will become your best friend. There are unfortunately no short cuts (I’ve checked!), and good, old-fashioned practice is the only way to improve your development skills and create mental “muscle” memory. A great way to practice a skill is through my second New Year’s resolution recommendation: get to work on some personal projects.

Meme of man reading a book about how to develop a new skill. Book reads "practice. practice. practice."

In order for these skills to truly become part of your arsenal, practice is critical. But your college course, work project, or personal business activities might not quite align with your new learnings. Therefore, you may need to create a project of your own to hone your newly-acquired skills.

Where to start? Your personal project could be something as simple as creating a personal portfolio with the new JavaScript framework you just learned. Perhaps you create an app to help automate some of your manual tasks. Another option is to create a pseudo-demonstration project, which has no other benefit aside from helping you practice.

These personal projects don’t have to be something you solely own, either. If you are learning back-end development, for example, find an open-source project where back-end development is needed. You might also consider taking a freelance position where you get to practice these skills. That said, I recommend these two options when you are more confident in your new skills but need repetition to stay sharp.

2022 Resolution #3: Build your Network

Developers often shy away from networking. It’s just a fact of life. But this is an extremely important skill to have, especially in the programming world, and is therefore my third recommended New Year’s resolution. Networking is an excellent way to gain career advice, learn of new developer events and industry news, and gain professional support. For example, if you are stuck on a project, it can be very helpful to have someone knowledgeable in the field to turn to. They may have run into the problem in the past, and unlike a stranger on StackOverflow, they may be willing to jump on a call to help walk you through a solution.

There are a number of options for networking with fellow developers. LinkedIn, of course, is a great place to network. There are also Discord and Reddit groups you can join. I also strongly recommend attending meet-ups, whether in person or virtually. I have personally found a ton of great groups to network in through meetup.com! Groups tend to meet on a timed interval (weekly, monthly, quarterly, etc.) to discuss a specific topic, or to work on a new development skill together. Making a habit of using these avenues to grow your network will help you expand your knowledge, gain, and refine new skills, and stay up to date on new technologies, malwares/threats, and job listings.

2022 Resolution #4: Know When to Step Away

Now the hardest resolution of all: knowing when to step away. I acknowledge this blog post has now asked you to take time to expand your knowledge, dedicate cycles to practicing new skills, and put in time to network, all on top of your current job and everyday life activities. But lighting the fire under your professional life can lead to burnout, which begs the question: when in the heck are you supposed to take a break?

This answer depends on you and your unique situation. For example, if you have a lighter workload at the moment but your personal life is busy, you may still need to take a break and focus on yourself. If your workload is becoming too much, a week away from these resolutions might be exactly what you need. I personally like to work in intervals, followed by a few days to myself. I find this gives me a great balance. You may need to do some trials to find a system that works best for you. You can also talk to a mentor or professional to help find the right system for you. Working to find this balance however is the key to staying consistent and sticking to your goals!

Here’s To 2022!

Well, there you have it! Four ideas for New Year’s resolutions to help you improve your development skills and gain success in 2022. Hopefully these resolutions will become habits that stay with you moving forward all year.

Be sure to follow DataMotion on Twitter, LinkedIn, and Facebook to learn about new features and products as well as find developer tips every Tuesday! We will be adding a new open-source project to our GitHub account this 2022 and would love for your contributions.

If security is already part of your 2022 resolution list, be sure to sign up for a free trial today!

Happy New Year!

Man in suit looking at laptop
An In-Depth Look at the DataMotion VxRM Platform 736 312 Heather Post

An In-Depth Look at the DataMotion VxRM Platform

Collecting COVID-19 information from employees, such as vaccine records or test results, is becoming a crucial step for a return to office. Whether your organization seeks to ensure mandate compliance or is simply working to guarantee a safe work environment, this data collection is necessary and can present a logistical challenge. However, as I covered in my last blog post, DataMotion’s VxRM platform makes gathering this information an easy task, allowing organizations to quickly, compliantly, and efficiently collect and report on employee vaccination records, test results, and exemption requests.

The VxRM platform consists of an easy-to-use and mobile-friendly employee application and administration dashboard. With an easy workflow, vaccine status collection is simple:

  1. Admins will first upload employee email addresses to an employee list. Once admins activate the VxRM application each employee on the list will receive an email containing a link to the employee app.
  2. Once these invites are received, employees will fill out a short form and submit their information. Responses are encrypted and sent over a secure channel, to a zero-trust, governed database where they will be stored.
  3. Then, in the administrator dashboard, admins can easily search and sort through these results to generate compliance reports, including statistics on who is vaccinated, who is testing and who is not currently compliant.

Now that you have a general idea of how the VxRM platform works, I’ll walk through each component in greater detail.

Note: You can find more information with our employee app and administration dashboard How to Guides as well.

The Employee-Facing App

Once the VxRM platform is enabled and employees have selected the link in their invitation email, they will be brought to the VxRM employee-facing application.

Within the employee application, users will see a cobranded form with three options to choose from:

  • Report a vaccine dose
  • Report a COVID test
  • Request an exemption
Screenshot of the DataMotion VxRM employee portal. Displays options to report a vaccine dose, report a COVID test, and request an exemption

Once employees select the action they wish to perform, they will be prompted to provide additional information based on their selection such as vaccination or test date, vaccine or test type, etc. Users will also be able to include a photo of their vaccine cards and test results, either via their device’s cameras or by uploading an existing photo.

Once the form is completed and submitted, this information is sent securely with military-grade encryption, helping your organization stay compliant with data privacy regulations. Users can then return to the page on an as-needed basis, whether to provide new weekly test results or to record additional vaccine doses and booster shots. It’s as easy as that!

As questions may arise from employees, the VxRM platform includes the ability for your company to provide a disclaimer or outline your privacy policy, within the admin dashboard. Employees will see a disclaimer and privacy policy button on the vertical menu to the left of the form and will be able to access this information right from the employee app.

DataMotion made this process quick, easy, and convenient to help ensure you receive results from your staff in a timely manner.

The Administrator Dashboard

The second component to VxRM is the administrator dashboard. This is where admins can configure the app, upload an employee list, send invites, and generate compliance reports. The dashboard can be easily found on the DataMotion site by navigating to https://datamotion.com/portal/project/DataMotion/product/VxRM.

On the dashboard, you will find an overview of the VxRM application, as well as some FAQs. To sign up (and receive 5 free licenses to help you get started) simply select the orange “Begin” button in the top right corner and log in or create an account.

Screenshot of the DataMotion VxRM Platform's dashboard. Shows a brief overview of VxRM and where to begin using the tool.

Once logged in, the platform can be configured, meaning you can review your company settings, create and upload your employee lists, and finally, enable the app to make it live. Below, I’ll guide you through these steps.

Configuring the App and Setting Up Your Company

Company set up is an optional step but one I would recommend reviewing all the same. Here, the company name will be auto populated, but can be updated in the “Company Settings” tab. This is where admins can specify their disclaimer and privacy policy which we saw in the employee app description as well as change the logo, primary color and secondary color that will render on the employee app.

There is also the ability to establish a testing cycle period and grace period. The testing cycle will dictate how often you will require employees to be tested. The grace period is the number of days that may pass after a testing cycle before the employee is considered not compliant. Configuring these settings will ensure your policy is being implemented.

Screenshot of how to configure your VxRM app. Some of your configuration options include company cobranding, testing cycle length and grace period, and more.

Creating Employee Lists

In the “Employee Console” tab, admins can add their staff to the employee list, either one at a time or in bulk with a simple-to-use Excel template, which can be downloaded from the administrator dashboard. The listed employees will receive an email with a link that provides access to the VxRM employee application once the platform is enabled.

Note: There is an option to add employees and mark them as disabled. Doing so will prevent the employee from receiving a VxRM email until they are marked enabled.

Going Live

Once the set-up is complete and the employee list is configured, administrators can toggle the “Ready to go live” button at the top right of the page. Once this option is toggled on, enabled users will be sent an email invitation containing a link to the employee app. It’s as easy as turning on a switch!

To go live with VxRM, simply toggle on the "Ready to go live?" button in your admin dashboard.

Monitoring and Reporting

Once employees have submitted their vaccination status, administrators can quickly search and sort through the submitted results by a variety of criteria, including employees who:

  • Are fully or partially vaccinated
  • Are testing weekly within the testing cycle
  • Are testing weekly but failed to submit within the testing cycle
  • Have requested an exemption
  • Have not responded

If this information needs to be submitted elsewhere, a CSV can be downloaded from the admin dashboard as well.

Note: Once this information is downloaded, extra steps will need to be taken to ensure compliance regulations continue to be met, such as storing the file on a secure machine.

The VxRM admin dashboard includes reporting capabilities to determine who is fully vaccinated, who is testing, who is not compliant, and more.

With a few simple configuration steps, you can securely collect the vaccination status of your entire workforce.

Getting Started

Sounds easy enough, right? The DataMotion VxRM platform will be a breeze for employees to use and a critical time saver for employers. With security top of mind, data is safe from beginning to end.

To get started, navigate to our self-service portal at https://datamotion.com/portal/project/DataMotion/product/VxRM and either login or sign up. You will automatically get five free licenses for testing and can easily purchase additional licenses in the admin dashboard.

For further information, we invite you to review our Employee Guide for Using DataMotion VxRM and the Admin Guide to Configuring the VxRM Application which will provide a step-by-step guidance on successfully utilizing our platform. You can also check out our VxRM webpage and follow us on social media for platform updates!

If you have any additional questions, stop by our documentations page or contact our sales team today.

Woman typing on laptop with clipboard containing data next to her
VxRM: Easily Collect and Report Employee COVID-19 Data 736 312 Heather Post

VxRM: Easily Collect and Report Employee COVID-19 Data

Despite COVID-19 and its variants still looming large in our daily lives, vaccines and other preventative measures have allowed many workplaces to return to some semblance of normalcy. As part of their reopening efforts (whether a hybrid or full return) businesses are implementing their own COVID-19 vaccination and/or testing requirements, similar to city, state and federal mandates. The goal of doing so is twofold. First, employers want to support a healthy environment as they seek to conduct business in the physical workplace. Second, they must be prepared to meet outside mandates if/when they become required.

Understanding the necessary elements for a safe return is only the first step. Executing a self-enforced vaccine directive while staying compliant with related, long-existing federal mandates (think HIPAA, GDPR, CCPA, etc.) is the real challenge.

DataMotion recognized this and quickly pivoted to create a solution. Using our existing secure message delivery API, our engineers developed the VxRM platform to make the collection of employees’ COVID-19 vaccination status and test result data efficient and easy, while helping organizations report on regulatory compliance.

The VxRM Platform: The Basics

DataMotion’s VxRM platform is designed to help organizations securely, compliantly, and efficiently collect employee COVID-19 data including vaccination records, exemption requests, and test results. Once submitted, these responses are encrypted during transit over a secure channel and stored in a zero-trust, governed database. With this scalable and secure database hosting the personal health information, admins can quickly search and sort through employee responses, then filter and report on the information provided. These security measures help ensure your organization meets government compliance regulations while your data is in transit and in storage on the VxRM platform.

The VxRM platform consists of two corresponding parts: the employee app and the administrator dashboard. In the employee-facing application, employees will provide vaccination records or test result data. Once submitted, this information can then be reviewed, reported upon and monitored within the admin dashboard. We’ll speak a little more to each element below.

The Employee-Facing App

The employee side of VxRM consists of a mobile-friendly web application. Employees can access the app once they receive an email (which is sent through the administrator dashboard) containing a link to the employee application.

Within the application, employees can report a vaccine dose, report a COVID-19 test, or request an exemption. Depending on which action is selected, users will be prompted to provide additional information such as a vaccine date or test type. They can upload images of their vaccine record as well.

The Administrator Dashboard

The administrator dashboard can be found on the DataMotion portal. This is where admins can configure their company settings, add or upload the list of employees required to provide their vaccination status, and even cobrand the employee app. Once employees submit their responses, the administrator dashboard can be used to quickly search and sort through the submitted data as well as report and analyze their company’s general COVID-19 vaccination status. These reports and analyses can then be exported into a CSV and passed along to meet regulatory compliance.

Agility and Flexibility

The DataMotion team designed the VxRM platform to be agile and adaptable to your organization’s unique needs. For instance, you may want your employees to be tested on a weekly, rather than bi-weekly, basis. This is configurable with the admin dashboard, allowing flexibility for organizations to customize their unique requirements and ensure company policies are being enforced.

As we move forward, new requirements and options are expected. For example, booster shots may be required in the coming months for people to be considered fully vaccinated by the CDC. As new medicines are developed, companies may want to examine how those with positive COVID-19 test results are treating their illness in order to determine the length of time before an employee can return to work. With these possibilities in mind, the VxRM platform’s flexible and agile design will allow us to quickly update and add new features as mandates and requirements continue to change.

Key Takeaways

Normalcy, or something similar, comes with a price. To accommodate a return to the office in a safe and compliant manner, companies across industries are moving forward with vaccination requirements of their own. As they do so, the DataMotion VxRM platform will ensure that organizational and/or government mandates are compliantly fulfilled while avoiding logistical slow-downs.

To sum up, the VxRM Platform:

  • Contains an easy-to-use, mobile-friendly, cobranded web application where employees can quickly upload their vaccination status and test results.
  • Securely collects and stores sensitive PII and PHI data, helping your organization stay within regulatory compliance.
  • Allows administrators to easily search and sort through as well as report on submitted responses to ensure your employees can safely come to the office.

In our next post, we will review the ins and outs of the VxRM platform and give a functionality overview. For further information, we invite you to visit our VxRM site or review our Employee Guide for Using the DataMotion VxRM and Admin Guide to Configuring the VxRM Application for more information and step-by-step guidance on successfully utilizing our platform. If you have any additional questions, stop by our documentations page or contact our sales team today.