Healthcare Text Messaging
The rules regarding healthcare messaging were recently revised in the Final Omnibus Rule – legislation that was enacted in March 2013 (effective September 2013) and which updated the existing Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH).
The revised regulations affect everybody who has access to protected health information or who engages in healthcare text messaging in the course of their work. Consequently, in addition to employers, healthcare professionals and health insurance companies, any organization or sub-contractor that provides third-party services to the healthcare industry also has to comply with the new healthcare texting legislation.
Why Healthcare Texting Regulations had to Change
Due to changing work practices and technological advances, more than 80 percent of healthcare professionals now access protected health information or communicate patient data via their mobile devices (according to a study by the Health Research Institute).
The Centre for Democracy and Technology recently revealed that 66 percent of reported protected health information breaches are attributable to mobile devices being lost or stolen and the data on the devices being accessed by unauthorized individuals.
With additional breaches of protected health information occurring due to individuals using their mobile devices on open cell phone networks and in locations with publicly accessible Wi-Fi, the healthcare texting regulations had to change to safeguard the privacy and security of patients in HIPAA-covered health programs.
The Revised Healthcare Messaging Guidelines
The revised healthcare messaging guidelines set the criteria for the conditions that should be in place before employees and sub-contractors can access protected health information or transmit/receive sensitive data on their mobile devices (Smartphone, cell phone, tablet, etc.):
- Organizations associated with the healthcare industry must introduce a system of secure healthcare messaging which is centrally controlled and which limits access to protected health information.
- Assessments should be conducted periodically in order to identify any risks to the integrity of protected health information and to ensure that secure healthcare texting procedures are being complied with.
- All protected health information stored within the secure system should be encrypted in order to make it “unreadable, unusable or indecipherable” should the system be hacked or data copied without authorization.
- The system should be established in such a way that employees or sub-contractors are unable to store protected health information locally on their personal mobile devices when it is received in a text message.
- Employees and sub-contractors should be informed of the procedures to report the theft, loss or disposal of their mobile devices immediately, so that they can be removed from the secure system and safeguard the integrity of protected health information.
Tough penalties are in place for any organization or individual who is responsible for a breach of protected health information, and patients have the right to initiate civil legal action if their private health data is compromised.
How to Secure Healthcare Text Messaging
In order to comply with the revised HIPAA and HITECH regulations and secure healthcare text messaging, organizations should be implementing an encrypted messaging platform. Authorized persons can gain access to the data stored on the platform via their mobile devices, and be in communication with other authorized persons through the network, provided that they are within range of an Internet signal – which can be publicly accessible Wi-Fi, as the data that is being retrieved is encrypted.
The mobile device still operates as normal if the owner wishes to communicate with friends, browse the Internet or send private text messages; although emails should not be used to transmit protected health information, as emails are copied onto routing servers as they are in transit and can never be permanently deleted. In the event that the authorized user loses their mobile device – or it is stolen – the administrator of the encrypted messaging platform should have the facility to remove the user from the network and secure the integrity of any protected health information that has been accessed by the device.
Secure Healthcare Texting with TigerText
TigerText´s encrypted messaging platform enables secure healthcare messaging by operating via a protected, cloud-based application. Healthcare industry professionals and sub-contractors who communicate patient data using their personal mobile devices, or who access protected health information in the course of their work, will find the platform easy to understand and simple to use.
With no software to download before being able to use TigerText´s encrypted messaging platform, authorized users will not be inconvenienced by using the TigerText platform, while administrators will find the usage reports suitable for maintaining control over the transmission of protected health information and ensuring compliance with the revised healthcare messaging guidelines.
The TigerText encrypted messaging platform for healthcare text messaging also provides additional benefits which reduce costs, increase efficiency and improve the standard of care provided to patients:
Authorized users are able to communicate simultaneously when using TigerText, and the platform enables teams of healthcare professionals to collaborate together in the same conversation even when they are many
- Waiting times for responses are reduced when TigerText´s secure messaging platform is used for healthcare messaging on mobile devices, as delays no longer occur while waiting for colleagues to log-in to messaging accounts.
- The automatic acknowledgements and read receipts provided by TigerText´s secure messaging platform save times and money by eliminating follow up calls to ensure that messages have been received and read.
- The quick and secure transmission of healthcare text messaging by TigerText enables fast decision-making when information is required urgently to provide the most suitable healthcare to patients.