- CATEGORIES: Businesses,Doctors and Hospitals,Improve Your Practice,Technology,Technology for Providers
- No comments
The first text message was sent in 1992. Since that time, texting has become a part of everyday life for the majority of Americans and people around the world. It is estimated that more than 500 billion text messages are sent each month. Social texts between friends and family members, text reminders for hair, eye, dental, and other appointments, and text message marketing have all become the norm. So, it’s only natural that texting would be used in healthcare.
Texting is an efficient form of communication that offers healthcare many benefits. Nurses no longer have to track down physicians; they have a connection to them that is fast and direct. However, with HIPAA laws in mind, it’s important to ensure healthcare texting is done in a compliant manner. Failure to do so can result in a fine of $50,000, and repeated violations can total $1.5 million a year in fines.
HIPAA’s Administrative Simplification Provisions (As)
The Administrative Simplification Provisions serve as guidelines for developing secure systems. They ensure compliance through four areas:
- Encryption– All electronic protected health information (ePHI) must be encrypted at all times.
- Secure data centers – Whether on or offsite, data centers must have high levels of security both physically as well as from a policy and ongoing assessment standpoint.
- Audit controls – Compliant messaging systems must be able to create and record an audit trail of all activity that has ePHI, and it must be easy to archive, retrieve, and monitor.
- Recipient authentication – Text messages containing ePHI can only be sent/delivered to the intended recipient. Therefore, a medical texting system must include a way for the sender to know if, when, and to whom a message was delivered.
Who Needs to be Compliant?
HIPAA compliant texting includes everyone who has access to protected health information including administrators, insurance brokers, and other third party service providers. With so many people affected, it is important to ensure that all your electronic health information communications are properly monitored and all parties are informed of expectations and protocols. If you are not sure whether your text-connected systems are HIPAA compliant, check with your provider.
How much texting does your practice/health system utilize? Are your texting systems HIPAA compliant?
Brooks, A. (2014). Healthcare Texting in a HIPAA-Compliant Environment. American Academy of Orthopaedic Surgeons. Retrieved online 1/10/2014 from http://www.aaos.org/news/aaosnow/aug12/managing5.asp
HIT Consultant. (2013). Navigating The Compliance Maze of Secure Text Messaging in Healthcare. Retrieved online 1/10/2014 from http://goo.gl/eZJqZocan