Hospital Policies for Texting Patient Information


Jul 1, 2014 TigerText

Policies for Text Messaging Patient Information Inside a Hospital

It is essential that healthcare organizations develop hospital policies for texting patient information inside a medical facility in order to comply with the “Organizational Requirements” of the Health Insurance Portability and Accountability Act (HIPAA). The increased use of personal mobile devices in healthcare environments has increased the risk of compromised ePHI if a message is sent to the wrong person or when a mobile device is lost or stolen.

Consequently the HIPAA organizational requirements state that “a covered entity must adopt reasonable and appropriate policies and procedures to comply with the provisions of the Security Rule”, and the reason behind this requirement is to make sure that an organization´s efforts in implementing a secure messaging solution is not undermined by their employees not knowing when and how to securely communicate ePHI.

What to Include in Hospital Policies for Texting Patient Information

So, what should be included in policies for text messaging patient information inside a hospital? Well, the basics are that all patient information or any data that could reveal the identity of a patient must only be communicated using the secure messaging solution and that sanctions will be applied if a breach of ePHI occurs due to an employee´s lack of care. Furthermore, if an employee loses their mobile device – or it is stolen – the loss has to be reported to an administrator so that the employee´s device can be removed from the system and any sensitive patient data contained on it remotely deleted.

Hospital policies for texting patient information should also be reviewed at appropriate intervals, and adjusted as necessary to account for technological advances, changes in working practices and new legislation – indeed a recent update to the HIPAA Organizational Requirements included the instruction “a covered entity must periodically review and update its documentation in response to environmental or organizational changes that affect the security of ePHI”.

TigerText´s Top 8 Secure Messaging Policy Best Practices

TigerText is the leading provider of secure messaging solutions to healthcare organizations, and more than 4,000 medical facilities rely on TigerText to ensure compliance with the HIPAA regulations. Naturally our service extends beyond providing the platform that enables healthcare organizations to communicate in compliance with HIPAA, and we have compiled a free white paper – The Top 8 Secure Messaging Policy Best Practices – which offers valuable advice about what to include in hospital policies for texting patient information inside a medical facility.

You are welcome to download our free white paper to learn more about policies for text messaging patient information inside a hospital and how such policies can be integrated into existing organizational policies in order to streamline compliance with the HIPAA Organizational Requirements. Alternatively you are invited to contact us with any questions you may have with regard to the HIPAA Organizational Requirements or to request a free demonstration of TigerText´s secure messaging solution in action.