In 2013, changes to the Health Insurance Portability and Accountability Act (HIPAA) introduced new conditions for accessing PHI and text messaging sensitive patient data. These new conditions were also extended to “associates”, sub-contractors and third-service providers – who now have to make appropriate arrangements to ensure that, when they are text messaging PHI, they are in compliance with HIPAA.
The Privacy and Security Regulations contained within HIPAA apply to medical professionals, health insurance providers (including employers as well as brokers who work for insurance companies), health insurance clearing houses (including fund administrators and managers), and any subcontractor who has access to protected health information (irrespective of whether it is stored electronically or not).
Protected health information (often abbreviated to PHI or ePHI) is defined as “any information about health status, provision of health care, or payment for health care that can be linked to a specific individual”, and consists of eighteen different “identifiers” which could connect specific details to a patient (such as photographs of the patient, their social security number or their telephone number).
When communicating PHI via text messaging certain safeguards now have to be in place to prevent a potential security breach. The conditions for text messaging PHI in compliance with HIPAA include:
Text messaging PHI in compliance with HIPAA involves implementing a secure texting system which fulfills the requirements of the HIPAA Privacy and Security Rules, but most organizations will already have a communications structure in place which – understandably – they do not want to dispose of and rebuild from scratch.
Fortunately, TigerText´s secure texting system integrates effortlessly with most existing systems, and surpasses the physical and technical requirements needed for compliant PHI text messaging, by allowing authorized users to access and transmit sensitive patient data through an encrypted and secure network.
The TigerText application automatically produces read receipts in order that senders can see messages have been read, and audit logs which enable administrators to easily monitor usage by authorized users and identify any threat to the integrity of PHI. The secure texting system also has the facility to assign a message lifespan to text communications so that they are automatically deleted after a pre-determined period.
TigerText´s system has been specifically designed to operate in a similar way to SMS messages, so that those to whom the rules about PHI and text messaging apply to will have no difficulty in understanding how to use the system and adapt to it immediately.
Organizations that have taken steps already to accommodate text messaging ePHI in compliance with HIPAA have witnessed significant benefits such as increased efficiency and cost reductions. The following is a selection of examples from our case studies in order to illustrate the benefits of compliant ePHI and text messaging:
TigerText provides secure, real-time mobile messaging for the enterprise, empowering organizations to work more securely. TigerText’s encrypted messaging platform keeps communications safe, improves workflows, and complies with industry regulations.