The Final Omnibus Rule of March 2013 updated both the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) and raised the question, “Is texting in hospitals HIPAA compliant?”
The revised guidelines for “when is texting in hospitals HIPAA compliant” broadened the scope of the Act to include everybody who may have access to protected health information (PHI). Whereas the most likely individuals to be concerned about hospital texting HIPAA compliance would previously have been healthcare organizations, healthcare professionals, providers of health insurance and employers who offered a healthcare program; the regulations regarding HIPAA compliant hospital texting now also apply to third party services providers such as administrators, fund managers and insurance brokers.
These third parties – and any sub-contractors employed by them – must comply with the revised HIPAA regulations or risk being fined by the Office of Civil Rights should a breach of PHI occur. Patients or employees whose PHI is compromised can also make a civil claim for compensation against the organization or individual responsible for allowing unauthorized access to their private health and financial details.
Prior to the introduction of revised guidelines for HIPAA compliant texting in hospitals, the Centre for Democracy and Technology had estimated that 66 percent of all PHI breaches were attributable to the theft or loss of a personal mobile device.
With technological advances and changing work practices, more than 80 percent of healthcare professionals now communicate patient data or access PHI with their mobile devices (according to research conducted by the Health Research Institute) – although not always in compliance with the existing HIPAA regulations.
The use of personal mobile devices in hospitals to transmit PHI was also identified as a risk when sensitive patient data was sent and received on open cell phone networks or accessed in public Wi-Fi areas.
Therefore, the regulations regarding hospital texting and HIPAA compliance were revised to safeguard the privacy of patients in HIPAA-covered health programs, and to protect individuals who were unaware of HIPAA compliant texting guidelines and were exposed to the threat of civil legal action.
In order to ensure HIPAA compliant texting in hospital, healthcare organizations should introduce an encrypted HIPAA compliant hospital texting platform. Encrypted texting platforms protect PHI within a secure closed network which only administrators and authorized healthcare professionals have access to.
The authorized individual´s personal mobile device still works as normal if the individual wants to use their cell phone, smartphone or tablet, to call or message with friends or browse the Web; however, emails should only be used for personal reasons and not to transmit PHI, as copies of email messages are made on routing servers as each message is in transit and they cannot be deleted remotely or permanently.
TigerText´s encrypted texting platform enables HIPAA compliant texting in hospitals by operating via a “software as a service” cloud-based application. Hospital administrators, healthcare professionals and sub-contractors who communicate PHI via their personal mobile devices will find using TigerText little different from their regular texting practices while staying within hospital texting and HIPAA compliance.
With no software to download or training required before HIPAA compliant texting in hospital can start, there is no need for IT departments to set up personal mobile devices or activate an application. System administrators will need a brief induction on how to manage TigerText´s HIPAA compliant hospital texting system, so that texting in hospital is HIPAA compliant and so that they get the maximum benefit from usage reports produced by the system.
The TigerText encrypted texting platform also has additional benefits which justify the cost of the system, improves efficiency within a hospital environment, and increases the standard of healthcare provided to patients:
Discover these five commonly held, but mistaken perceptions, of secure texting.
TigerText provides secure, real-time mobile messaging for the enterprise, empowering organizations to work more securely. TigerText’s encrypted messaging platform keeps communications safe, improves workflows, and complies with industry regulations.