With GDPR applicable since May 2018, many companies started taking decisive measures against “shadow” usage of messaging apps. Continental banned the usage of WhatsApp and Snapchat on company mobiles. Deutsche Bank went even further, by banning instant messaging as well as all messaging apps.
However, the need for instant messaging to exchange critical business data in real time remains, especially considering the fast paced business environment, as well as the customer expectations to gain access to the business and government services as quickly as possible.
After having discussions with several clients, many of them dealing with sensitive and private data (e.g. medical services providers), they point out that due to the dispersal of relevant data and information, instant messaging remains essential in gathering and propagating vital data in real-time.
At the same time, managers want to be in control of who accesses the data they exchange. This means using the best encryption available (end-to-end), as well as hosting the messaging solution in their private cloud. To fully cover the security concerns, an MDM (Mobile Device Management) component has to be part of the solution. GDPR compliance is a must. For increased usability, integration with enterprise apps is also required.
With these requirements in mind and with a strong desire to provide the client with an app that ticks all the boxes, the Romanian company Trencadis is developing the FORTYPE messaging app. As a recognition of the fact that stepping out of the “shadow IT” zone means not only banning existing apps, but also providing companies and governments with a proper solution, the EU awarded a grant for building FORTYPE, product developed within the project TALOS – Secure Mobile Intra-organizational Communication, implemented by Trencadis Corp.
We have brought together the flexibility of the Design Thinking approach, centered on end-users, with MDM solution for administrators, and came up with four core features that were not considered before when taking into account the “bread and butter” functionalities of typical instant messaging apps.
- In-app document scanning. Focusing on specific use cases from the medical domain, we learned that sometimes physical documents need to be sent via instant messaging for rapid sharing. This is possible by using device specific functionalities (like taking pictures, then sending them), but this is a rather lengthy and error prone process, especially when we discuss about multi-page documents. The in-app functionality enables multi-page scanning, followed immediately by sharing with the relevant users.
- Large files sharing. Most instant messaging apps impose reasonable limitations for the message attachment (e.g. 100 MB limitation in WhatsApp). However, when we talk about medical files, these can be rather large – CT scans, MRI can reach GB sizes. To overcome this limitation, FORTYPE will provide a built-in file-sharing option, automatically activated when the attachment is above a certain value. By simply attaching a large document, it will be placed in the file-sharing location and the message will contain a link that will allow the relevant users to download it when needed.
- Temporary enrollment of external users. While FORTYPE is designed as an internal instant messaging platform, we had to recognize the fact that in certain business scenarios, like the need to quickly pull together recent medical information for a patient, relevant data sits with external users. They need to be quickly enrolled in order to allow them to securely share the information they hold, be it medical records or imaging files. With this in mind, we created an external user enrollment process initiated via an SMS sent to the external user’s phone number.
- Configurable user rights. This functionality came as a logical consequence of enrolling external users. For example, when external users are part of an ad-hoc group focused on pulling together all relevant medical information for a patient, the external users should be able to visualize only the attachments they provided and not the attachments shared by other users. This is required in order to avoid unwanted disclosure of confidential medical information. Obviously, the internal users in charge with gathering all relevant medical documents have the right to access all attachments provided by internal and external users.
We believe that Design Thinking, centered on users’ needs and on defining detailed interaction scenarios, is extremely valuable in determining new products within fields that seem crowded or saturated. If we take a closer look at a business, we will come to the realization that the lines between product/services and user environments are blurring. If companies can bring out an integrated customer experience, it will open up opportunities to build new businesses.
This project is co-financed with funding from the European Regional Development Fund – Priority Axis 2 –
“Information and Communication Technology (ICT) fit a competitive digital economy”, through the
Operational Competitiveness Program 2014-2020. The content of this material does not necessarily
represent an official position of the European Union or the Government of Romania.