The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance
Posted By Steve Alder on Dec 23, 2023
Text messaging in healthcare has many practical uses and is not affected by the restrictions of the Privacy Rule when it is not used to communicate Protected Health Information (PHI), or when a patient has requested confidential communications by text. There is also a growing number of technology solutions that can support text messaging in healthcare when PHI is received or transmitted.
Healthcare providers are using text messages to send patients appointment reminders. Patients can also cancel appointments by text, which has drastically reduced the number of no shows. Messages are often sent to patients advising them about delays, which reduces wait times and improves the patient experience. Prescription reminders are often sent to patients by text, which has reduced the number of uncollected prescriptions. These services are proving popular with patients. A study by Software Advice revealed 20% of patients prefer receiving health information from healthcare professionals by text message rather than using patient portals.
Text messaging in healthcare streamlines communication between all members of the care team, patient handovers are improved which reduces the potential for errors, and the ability to text staff members eliminates phone tag and hours of wasted time. The use of text messaging in healthcare has helped reduce the cost of healthcare provision and has improved the patient experience and staff satisfaction levels. Less time wasted by staff means more time can be devoted to treating patients.
Text messaging is a fast, efficient, and convenient method of communication. Messages can be sent from virtually any location to mobile devices. Instant messaging solutions support the sending send audio and video files, images, and other file attachments via text. However, while there are clear benefits to be gained from allowing the use of text messaging in healthcare, it is not without its risks.
Rectangle Health’s Patient Engagement Software Is Used By 1,000s Of Healthcare Providers & Easily Integrates With All Existing Practise Management Systems
Your Privacy Respected
HIPAA Journal Privacy Policy
Many text messaging platforms do not feature end-to-end encryption so data can be intercepted in transit. Messages can easily be sent to incorrect individuals as there is next to no recipient verification, and messages containing important information could also easily be deleted. Messages can remain on devices indefinitely creating a major privacy risk and if mobile devices are lost or stolen, text messages containing electronic protected health information could easily be viewed by unauthorized individuals.
HIPAA does not prohibit the use of text messaging in healthcare. It is perfectly acceptable for doctors, nurses, and other healthcare professionals to communicate with each other – and even patients – via text message. However, there are requirements that must be satisfied before any text messaging platform can be used for sending electronic protected health information.
The HIPAA Security Rule requires safeguards to be implemented to ensure the confidentiality, integrity, and availability of ePHI. Controls must be put in place to ensure ePHI cannot be accessed by unauthorized individuals. Protecting ePHI requires access controls to be in place and data must be encrypted at rest and in transit.
Controls are needed to ensure that ePHI cannot be altered or accidentally destroyed and an audit trail must be maintained, and the activity of authorized individuals monitored.
Standard SMS messages lack all these controls. There is no control over where messages are sent, messages are not encrypted so they can be intercepted in transit, and messages can be stored on service providers’ servers for long periods of time and could be accessed by unauthorized individuals. Even consumer-grade instant messaging platforms that have end-to-end encryption are not HIPAA compliant.
In order to gain the benefits of text messaging in healthcare while meeting all requirements of HIPAA, a HIPAA-compliant text messaging platform must be used.
HIPAA-compliant text messaging platforms incorporate technical safeguards to ensure the confidentiality, integrity, and availability of ePHI and meet all requirements of the HIPAA Security Rule. The platforms are closed systems so messages can only be sent to individuals authorized to use the platform. Access controls are in place to only allow authorized individuals to login and every message sent through the system is protected with full end-to-end encryption. These messaging platforms incorporate safeguards to prevent message tampering and mechanisms are in place to ensure that in the event of the loss or theft of a mobile device, messages cannot be accessed by unauthorized individuals.
Healthcare organizations that have adopted secure text messaging platforms have reported improvements in productivity, quality of care, reductions in patient stays, faster transfer times and patient throughput, shorter waiting times, improved bed utilization, better resource optimization, fewer medical errors, improved continuity of care, reduced costs, better Press-Ganey scores, and improved staff morale.
Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com
Rectangle Health’s Patient Engagement Software Is Used By 1,000s Of Healthcare Providers & Easily Integrates With All Existing Practise Management Systems
Your Privacy Respected
HIPAA Journal Privacy Policy
Rectangle Health’s Patient Engagement Software Is Used By 1,000s Of Healthcare Providers & Easily Integrates With All Existing Practise Management Systems
Your Privacy Respected
HIPAA Journal Privacy Policy
The HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines. The HIPAA Journal’s goal is to assist HIPAA-covered entities achieve and maintain compliance with state and federal regulations governing the use, storage and disclosure of PHI and PII.
Receive weekly HIPAA news directly via email
HIPAA News
Regulatory Changes
Breach News
HITECH News
HIPAA Advice
Email Never Shared
Cancel Any Time
Privacy Policy
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Click here to subscribe to free weekly newsletter
Copyright © 2014-2024 The HIPAA Journal. All rights reserved.
Wait… Don’t Leave Empty-Handed!
Get the FREE
HIPAA Compliance
Checklist
The best resource to view
your compliance requirements
and avoid HIPAA violations.
Wait… Don’t Leave
Empty-Handed!
Get the FREE
HIPAA Compliance Checklist
View your compliance requirements and avoid HIPAA violations
Delivered via email so please ensure you enter your email address correctly.
Your Privacy Respected
HIPAA Journal Privacy Policy
For Individuals
Show Your Employer You Have Completed The Best HIPAA Compliance Training Available With ComplianceJunction’s Certificate Of Completion
Your Privacy Respected
HIPAA Journal Privacy Policy
Delivered via email so please ensure you enter your email address correctly.
Your Privacy Respected
HIPAA Journal Privacy Policy
Please enter correct email address
Your Privacy Respected
HIPAA Journal Privacy Policy
You will be contacted by our page sponsor Rectangle Health
Your Privacy Respected
HIPAA Journal Privacy Policy
Is Your Organization HIPAA Compliant?
Find Out With Our Free HIPAA Compliance Checklist
Text Messaging in Healthcare – HIPAA Journal
