Texting & HIPAA. OMG.


While texting is an easy form of communication, unfortunately it’s not ideal for the medical world. At the end of the day, texting and HIPAA do not go hand-in-hand. Learn about the different problems associated with texting with patients or texting about them with other healthcare providers as well as some simple solutions to make texting within your medical practice more secure.

The Problems Associated With Texting With or About Patients
Texting has definitely made communication both easier and faster. And, when it comes to communicating with your patients or about them with other healthcare providers, easier and faster communication is definitely a plus. But, because “standard “SMS” (Short Message Service) texting is not encrypted or secure,” it becomes a HIPAA compliance issue. Sadly, in addition to HIPAA violations, texting with patients can also put your practice at risk for data breaches and security hacks.

Here are a few other issues associated with using SMS text messaging within your medical practice:

● You can’t always verify that the recipient received the text.
● You can’t easily print or port text messages “to EHR, so pieces of the patient’s record remain “outside” the chart.”
● There isn’t a way to escalate high priority messages.

Simple Solutions For Texting With or About Patients
Luckily, you and the employees working at your practice don’t have to forgo texting all together. There are several precautions you can take to make texting more secure.

1. Put a texting policy in place.
The first thing you should do is set some ground rules. In fact, it’s a smart move to ask everyone in your practice to stop texting with patients or texting with other providers about patients until you’ve established a texting policy, and everyone is on the same page. Also, let your patients know about the situation so they aren’t left in the dark while you work on developing your texting policy. Just be sure to inform your text-using patients that the hiatus is for their protection and privacy.

While a texting policy will vary from practice to practice, here are some items you’ll want to make sure are included in yours:

● Who is authorized to correspond with patients via text
● Who is authorized to correspond with other healthcare providers via text
● Any message response time requirements you feel are necessary
● A list of topics that are appropriate and inappropriate for text messaging
● What to do if a patient needs emergency care

You should also consider working with an attorney when developing your texting policy. Having a lawyer on board will allow your practice to develop a policy that’s in “accordance with the laws in your state.”

2. Make sure everyone in the practice has their cell phones encrypted.
Encryption software “reduces the risk of unauthorized parties accessing text and other data on a physician’s or staff’s mobile device.” According to healthcare attorney, Michael Sacopulos, president of the Medical Risk Institute in Terre Haute, Ind., Encrypting all mobile devices is good practice, whether you are texting with patients or not.

3. Get written permission from your patients before texting.
Before allowing your practitioners and patients to communicate via text, make sure you have written consent. Have your patients sign a “Statement of Understanding” so they know what to expect. This statement should make it clear that text communication is a choice and that patients can opt out at anytime. It’s also a good idea to have your patients “review and re-sign the policy every 12 months.”

4. Invest in a secure messaging platform.
A secure messaging platform is the best of both worlds. It allows you to keep in touch with patients outside of the office in a secure way because unlike standard texting, secure texting is encrypted and messages are sent across a secure network. Plus, a secure messaging platform allows you to store all communication somewhere safe. Messages are “typically stored in the cloud on a secure, encrypted server — not on individual mobile devices.” A secure messaging platform allows you to quickly communicate with your patients or other healthcare providers while staying compliant with HIPAA.

You Can Securely Communicate With The Doctors Answer
The Doctors Answer uses a powerful messaging software that was specifically designed to communicate important information with your on call staff while keeping your patient’s PHI encrypted and secure. Our HIPAA compliant secure messaging platform is just one of the many benefits of partnering with The Doctors Answer for your practices’ answering service needs.

To learn more our offerings and how we are a secure answering service solution, visit our Services page.