Universal Secure Messaging

Universal usage of secure messaging


Using secure messaging has a number of benefits

  • Identity verification: staff answering phone calls and emails lose time with every interaction confirming the identity of the person before they can release information about the patient. With every new phone call and email, checking has to start all over again. By contrast, PKB users have all had their identity verified.

  • Consent verification: staff also lose time verifying consent. If the person asking about the patient is not the patient, has the patient consented to release the information? PKB has carer consent built in, so staff can focus on putting answers in the patient’s record, knowing that the right carers will have access, and others will not.

  • Integrating teams: staff rarely have time to log phone calls in the medical record, and emails are not stored in there either. The ephemeral communication is never shared between teams let alone organisations. PKB’s team-based messaging means everyone looking after the patient can see the messages with everyone looking after the patient.

  • Integrating records: the messages in the PKB record are available to local medical records systems. This is either through logging into the PKB web site; or single sign-on from clinical records systems into PKB; or API integration storing data from PKB in local electronic health records and shared care records systems.

  • Spreading workload: shared email inboxes do not show which emails have been dealt with, only which ones were read. If one colleague reads a message, the others do not know if they still need to deal with it. The problem gets worse if an individual employee shares their individual email address, mobile phone number, or WhatsApp account with a patient. PKB’s team-based messaging allows an individual to mark that they are working on a message from the patient, so their colleagues can focus on other messages. The employee can also mark it complete when they have solved the problem, so it no longer appears in anyone’s inbox.

  • Reducing workflow: manual tasks can be avoided through access to the record.

The common concerns are well mitigated

  • Registration: in England and Wales, 28 million adults are already registered with the NHS login. Registration for identity verification is a free one-time process that benefits the patient in the use of all other NHS services.

  • Accessibility: patients need to have phone calls as an alternative. Your website should make it clear that secure messaging is more efficient and effective than phone calls while maintaining the possibility of speaking through switchboard for those who, for any reason, cannot use the internet.


Secure messaging allows a patient to send a message to one or more recipients in Patients Know Best. The patient can include the team they need help from, and CC other participants such as carers.

When a patient sends a message to a team, PKB notifies each member of the team in the email software of the team. When a team member replies, PKB notifies the patient and their carers about the message.

The replying professional can bring in other participants such as specialists and senior staff on a case by case basis. The professional can assign the message to themselves so that colleagues know they do not need to reply. And the professional can archive the messages when they have dealt with the patient’s problem to hide it from the inbox of their colleagues.

PKB stores the full set of messages in the record of the patient for everyone else looking after the patient, including clinicians and carers.


Every team in the organisation should be set up for messaging. It is important to explain to staff and to patients that secure messaging is business as usual. For the patients, this makes it clear that the one-time registration process is worth doing, as it will allow working with all their teams. For staff it makes it clear that the training is worth doing, as a critical mass of patients will be registered and ready.

Starting teams

It is useful to start with purely administrative teams. This allows a soft launch that does not affect front line clinical services. It also generates early benefits because these administrative teams need to verify identity to help patients but lack the direct relationships with patients that clinicians have. Three examples include:

  1. Patient Advice and Liaison Services (PALS): patients can send messages with their questions and complaints. At the right time, it is easy for the patient to grant the PALS team access to their record so the team can look into the details of the problem the patient faces. After solving the problem, the team can return to having no access to the patient’s record. The team can add other departments’ staff to a discussion, including clinicians with first-hand knowledge of the problem, to solve it quickly and transparently.

  2. Medical records: some hospitals using PKB have reduced most medical record requests by simply registering each patient to their existing PKB record. For patients where that record does not already include the data the patient asked for, the team can manually upload unlimited documents, including scanned PDFs of paper notes, and compressed folders of imaging studies. Identity verification forms and delays are no longer necessary.

  3. Central appointment administration: some hospitals use a central team to book and change appointments on behalf of clinical departments. They respond to phone calls and text messages. These have no audit trail, individual responders can only work on one patient at a time, and there is no visibility of the allocation of cases between team members. Secure messaging in PKB provides an audit trail, a responder can work with multiple patients simultaneously, and a manager can see who is helping who. As soon as the team member books the appointment, the appointment notifies PKB and PKB notifies the patient. The PKB appointment page shows the full details. Messaging about appointments is also built into the PKB appointment page.

After this, add every other department that patients can already contact. Keep the phone number available as an alternative but remove the email address, add the PKB secure messaging button, and explain that secure messaging is your preferred method.

Administrators then clinicians

Begin with administrative employees who currently answer the phone and deal with non clinical queries. Over time, clinicians can register to answer clinical questions that administrators escalate to them. Clinicians do not need to be contactable by patients, instead, they can respond to queries from other colleagues who are contactable. And each department can have different escalation pathways. For example one department can have nurses as first line contactable by patients, with the consultant doctors providing line support to the nurses, uncontactable only by patients. Another department can have reception staff as first line contactable by patients, handling most queries as they are about appointments and administration. For clinical queries they can bring in nurses who are second line, uncontactable by patients. The nurses can bring in third line support eg consultants from the team, or specialists from other teams, all of whom would also be uncontactable by patients.


  • Register each team

  • Configure contactable and non contactable

  • Set up team’s website with button and link