Sending text messages and HIPAA compliance became an issue for a number of healthcare organizations when, in 2013, the Final Omnibus Rule enacted specific regulations within the Health Insurance Portability and Accountability Act (HIPAA).
Because of the vast number of medical professionals using their personal mobile devices to access and transmit protected health information (PHI), healthcare organizations had to introduce systems and procedures to facilitate HIPAA compliant text messaging.
The penalties for not complying with the HIPAA regulations for text messaging are substantial; with fines of up to $50,000 for each violation of the Act when a breach of PHI occurs and a maximum of $1.5 million for repeat offenses.
Complying with the HIPAA regulations for text messaging requires that certain physical, technical and administrative conditions are fulfilled in order to ensure the integrity of PHI. The list below is a selection of the conditions that apply to text messages for HIPAA compliance:
In addition to enacting specific regulations, the Final Omnibus Rule extended the scope of the Act. In addition to employer, health insurance providers, health insurance clearing houses and medical professionals, the rules for text messages and HIPAA compliance now apply to associates, subcontractors or any third-party service provider who has access to PHI.
This means that if an insurance provider wants details of the treatment a patient has received in hospital, it also has to be an authorized user on a secure messaging system in order to retrieve that information. Short-term associates, subcontractors and third-party service providers do not necessarily have to become authorized users, provided they sign a contract which requires them to:
TigerText´s secure text messaging solution integrates seamlessly with most existing communication systems by allowing authorized users access to a secure enclosed network to send and receive PHI. The “solution” meets all the physical and technical conditions required for HIPAA compliant text messaging, produces audit logs for administrators to monitor usage by authorized users and automatically generates read receipts when messages have been opened to eliminate the need for follow-up calls.
The secure text messaging solution has been specifically developed by TigerText to operate in much the same way as SMS messaging, so that authorized users will have no difficulty in adhering to policies that are introduced for text messages and HIPAA compliance and can start using the system with minimal instruction.
Case studies have shown that complying with the HIPAA regulations for text messaging has resulted in numerous benefits. With the possibility for doctors to receive PHI on the go with secure text messaging, quicker delivery of lab results by secure text messaging, healthcare organizations have seen an increase in staff efficiency and a decrease in costs.
The Houston Fertility Institute noted 80% less time being wasted in phone tag when a TigerText secure text messaging solution with multi-platform functionality was introduced, and the El Rio Community Health Center in Arizona saw a 22% increase in staff efficiency when a TigerText secure text messaging system was implemented as a solution to the existing communication workflows.
Last year the Ponemon Institute conducted research on patient discharges and found that waiting times were cut in half when medical facilities were complying with the HIPAA regulations for text messaging. The Institute calculated that the average saving on staff costs was equivalent to $557,253 each year for each medical facility.
TigerText provides secure, real-time mobile messaging for the enterprise, empowering organizations to work more securely. TigerText’s encrypted messaging platform keeps communications safe, improves workflows, and complies with industry regulations.