For many people, text messaging has replaced the art of real conversation. It’s easy and direct, and it saves users an abundance of time. This is also true in the health care environment, where text messaging has improved workflow and made communicating by pager and return calls obsolete. But the issue of text messaging and HIPAA compliancy has inspired much confusion. Is it HIPAA compliant or not?
Generally, SMS messaging is not encrypted or secure. Some wireless carriers store text messages, and with the use of public Wi-Fi and open cell phone networks, the potential exists for texted data to be compromised. In addition, sensitive information may fall into the wrong hands by way of malware, or a lost or stolen phone.
Thus, in order for texting to be used in health care, technical safeguards must be in place to ensure confidentiality, and maintain the integrity of protected health information (PHI). This is usually accomplished by establishing a private, secure texting network where all electronically-transmitted PHI is encrypted.
There are 5 necessary steps that covered entities can take to manage cell phones used by individuals working in the health care profession.
Ultimately, the use of text messaging in health care is for the good of the patient. Essential data such as lab and imaging results can be at the providers’ fingertips, response times may be reduced, interventions can be applied more quickly, and patient outcomes will improve.
For more information on HIPAA, and how to ensure that your organization is HIPAA compliant, visit the U.S. Department of Health & Human Services.