
Texting Patients is Now Okay Under HIPAA According to Director of OCR
Securing Protected Health Information (PHI) is a top priority for healthcare organizations. This is especially true when it comes to electronic communications, such as email and text messaging. These new methods of communication are quickly replacing the telephone as patient’s preferred method of communication with a healthcare provider.
Standard Text Messaging is Fine (If Done Correctly)
HIPAA regulations provide guidance for the electronic transmission of PHI, however they’re not as clear as many would like them to be. HIPAA compliance fears left many healthcare organizations lagging behind other businesses in supporting text message communications, much to the disappointment of patients.
On Tuesday, clarity was given to those healthcare organizations concerned about the use of text messages to send PHI. According to EMR & HIPAA, during his talk at the HIMSS conference, the Director of the US Department of Health and Human Services Office for Civil Rights (OCR), Richard Severino, stated that healthcare providers may share PHI with patients through standard text messages. Healthcare organizations must inform patient’s the text messaging is not secure, gain their authorization, and document their consent, before sending the text messages.
What This Means for Healthcare Organizations
Given the continued growth and usage of text messaging by patients, any healthcare organization that has not yet embraced this method of communication no longer has a reason to avoid it. The clarification around standard text message use under HIPAA regulations gives these organizations a clear roadmap to compliance. They can now implement the proper safeguards in order to use it – whether it’s to help facilitate care or ask for an online review.
The best part is that the proper authorizations and documentation can easily be discussed and gathered at the beginning of a patient’s first (or next) visit. Existing documentation and forms can be amended, or new ones quickly drafted and inserted into the normal intake process. This will make it difficult for even the most archaic healthcare organizations to avoid utilizing text messaging in the near future.
Note: It goes without saying that I am not a lawyer. You should consult your before implementing any electronic communications program to ensure you have the proper safeguards in place to protect sensitive information.