This guide to secure texting has been prepared following the implementation of the “Final Omnibus Rule” in March 2013. It specifically applies to revisions of the Health Insurance Portability and Accountability Act 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act 2009 (HITECH), but the secure texting guidelines mentioned below could be applied in many different scenarios.
The best practices for secure texting in this instance apply to healthcare professions, health insurance companies and employers who provide HIPAA-covered health insurance to their employees and, for the first time, business associates who provide third party services to the health insurance industry.
New secure texting best practices guidelines were introduced to reduce the risk of protected health information being compromised during the transmission or receipt of patient data, or while such data was stored on a portable or mobile device (cell phone, tablet, Smartphone etc.).
Studies had shown that more than 80 percent of doctors use mobile devices to access protected health information and communicate with their patients, while further research revealed that 66 percent of reported breaches of patient data were due to mobile devices being lost or stolen.
The potential for protected health information breaches has increased significantly since the original Health Insurance Portability and Accountability Act was enacted in 1996 due to technological advances and changes in working practices, and issues such as the following may not have been considered when the original Act was drafted almost
twenty years ago:
It is important to note that the HIPAA secure texting best practices recommendations state “[mobile devices] require appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information” and the failure to comply with the HIPAA secure texting guidelines can result in criminal and/or civil legal proceedings.
Breaches of protected health information are of significant concern to the Office of Civil Rights (part of the United States Department for Health and Human Services), which has recorded breaches of unencrypted health information affecting more than 22.8 million patient records since the enactment of the Breach Notification Rule in 2009.
The major issue which is hoped to be resolved by the new secure texting best practices guidelines is to control who has access to protected health information, how it is transmitted and what is done with it when it is received on a mobile device. The new secure texting guidelines consequently now apply to business associates who would access this information when dealing with health insurance enquiries.
The HIPAA guide to secure texting primarily focuses on protecting patient privacy, but there are some other regulations within the Final Omnibus Rule that all organizations and persons who have access to protected health information should be aware of in the event that sensitive data is believed to have been compromised:
The most trouble-free way of complying with the new HIPAA guide to secure texting is to implement the secure messaging platform from TigerText. TigerText´s secure messaging platform is a cloud-based software application which requires no installation or training before users can engage in secure texting best practices.
TigerText enables organizations and individuals to send and receive messages containing sensitive patient data via a secure virtual private network, which fully complies with the new HIPAA secure texting guidelines and ensures the integrity of protected health information.
The TigerText secure messaging platform also uses a confirmation system to relay when a text message has been received and read, to save time on follow-up calls and to increase the efficiency of organizations and individuals who are using the system.
TigerText provides secure, real-time mobile messaging for the enterprise, empowering organizations to work more securely. TigerText’s encrypted messaging platform keeps communications safe, improves workflows, and complies with industry regulations.