Navigating The Compliance Maze of Secure Text Messaging in Healthcare

10.23.13 In the News

By: Fred Pennic | October 23, 2013 (Featured on HIT Consultant)

Understanding the impact of secure text messaging in healthcare and the potential risks of privacy that come into play when a doctor texts a patient.

Everyone is texting — even your doctor. And that means a world of possibility when it comes to making appointments, finding out about new treatment options or simply asking a question about medical issues. But it also opens up potential privacy issues that can mean troubled times for physicians who are trying to stay HIPAA-compliant.

Texting and Healthcare Privacy Laws
Navigating The Compliance Maze of Secure Text Messaging in HealthcareSending a text has become a quick, easy way to communicate, and people of all ages are embracing it. Those under the age of 30 are more likely to engage in online interaction with doctors, according to the National Community Health Survey by The Atlantic and GlaxoSmithKline. Older adults are taking advantage of the Internet and cell phones as well; in 2012, over 69 percent of all adults over the age of 65 had a cell phone, according to the Pew Internet and American Life Project. A separate Pew Internet study showed that texting is here to stay, as 73 percent of all cell phone users reported sending texts at least occasionally.

Many physicians and other healthcare professionals are taking advantage of the opportunity to reach their patients via cell phone. A 2012 New York Times article profiled physicians who are using cell phones as a way to reach and teach their teenage patients, while a 2012 article from Social Work Today pointed out ways that older Americans can make use of healthcare texting, including medication reminders and compliance alerts.

When a doctor texts a patient, questions of privacy come into play. Texting is generally not considered a secure way of relaying information, as cell phones can and do get lost or other people might read the texts meant for a particular person, among other potential problems. But when healthcare professionals text each other, the issues of privacy become even trickier.

HIPAA-Compliant Apps to the Rescue
Navigating The Compliance Maze of Secure Text Messaging in HealthcareBusy physicians might find voice messages or paging to be a cumbersome way of communicating, especially when they have a lightning-fast smartphone in their pocket. In a world where time is of the essence, cutting out the long delays for physicians to give orders, talk to patients or follow up on test results could make a significant difference in the lives of patients. As Becker’s Hospital Review points out, nurses spend a hour each day tracking down physicians, and that’s just the tip of the inefficient healthcare communication iceberg.

However, the problems with texting are clear: Text messages can sometimes get sent to the wrong person, and even if it gets to the correct number, the text could be read by someone other than the recipient. The information can be forwarded to anyone, and could remain on phones for indefinite amounts of time. In addition, if a phone gets lost — as they often do — a plethora of patient information could be compromised.

Doctors and patients have already embraced the idea of mobile apps for healthcare, so it’s no surprise that secure healthcare texting may depend on mobile apps as well. Healthcare texting applications allow physicians, nurses, and other healthcare professionals to communicate quickly and clearly, without worry about violations of the Health Insurance Portability and Accountability Act (HIPAA). In order to ensure patient confidentiality, the Joint Commission created Administrative Simplification Provisions (AS) designed to protect information sent via text message. The four rules for compliance include secure data centers, encryption of messages, recipient authorization and audit controls, according to the American Association of Orthopaedic Surgeons.

One of the first entries into the world of HIPAA-compliant texting applications is Doc Halo, a text system that has become the professional standard. The early success of the program has spurred other applications, such as TigerText or Sprint Enterprise Messenger — Secure, from Sprint, and Cortext, from IT security company Imprivata. The success of these apps mean that an avalanche of mobile applications are coming soon, and healthcare professionals will have plenty of options.

Navigating the World of Healthcare Texting
Though these applications can make texting secure between healthcare professionals, texts sent to patients can still create privacy concerns. As such, healthcare professionals should always use their best judgment in deciding how far to take text communications. Some physicians might be comfortable with appointment reminders or alerts to test results received, while others might be willing to answer general health questions.

Yet to be determined are the ways texting will change a medical practice or patient-doctor relationship. For instance, will texting with doctors be a billable service? How many texts are appropriate? What hours are appropriate? And how will doctors handle those patients who are happy to text for all their needs, but balk at the idea of coming into the office for a face-to-face consultation or physical exam?

Just as text messaging between physicians and other healthcare providers is changing, expect to see changing dynamics of texting and other social media pursuits between doctors and patients — and more mobile apps that make healthcare texting much more secure than it is today.