In March 2013, the Final Omnibus Rule updated both the Health Information Technology for Economic and Clinical Health Act (HITECH) and Health Insurance Portability and Accountability Act (HIPAA), and revised the guidelines for the security measures that should be provided by HIPAA texting software to preserve the integrity of patient health information (PHI).
This article explains what the primary changes to the guidelines for HIPAA text messaging software are, why they were introduced, and how healthcare organizations and parties who have responsibility to preserve the integrity of PHI can comply with the new regulations by using HIPAA software for secure messaging easily, and without the hassle of updating computer systems or diverting important resources from where they are required.
One of the most important revisions to the guidelines for HIPAA texting software was that the scope of the Health Information Technology for Economic and Clinical Health Act and Health Insurance Portability and Accountability Act was extended to include everybody who may have access to PHI or transmit sensitive patient data in text messages from their mobile devices (Smartphones, tablets and cell phones).
Whereas previously, the guidelines for HIPAA text messaging software applied to healthcare organizations, healthcare professionals, health insurance companies and employers who provided a healthcare program; the regulations concerning HIPAA software for secure messaging now also apply to third party service providers such as insurance brokers and insurance fund administrators.
Third party service providers – and any sub-contractors employed by them – must comply with the revised guidelines for HIPAA texting software or risk being fined by the Office of Civil Rights should a breach of PHI occur. It will also be possible for patients or employees whose PHI is compromised to make a compensation claim against the individual or organization responsible for allowing unauthorized access to their private health and financial details.
In addition to the scope of the two Acts being extended, guidelines for HIPAA text messaging software were also introduced. These guidelines affect how PHI is stored, accessed and transmitted, and require that HIPAA software for secure messaging has specific features in place. These features include:
The updated guidelines for HIPAA text messaging software were needed after the Centre for Democracy and Technology had conducted a survey which revealed that 66 percent of all PHI breaches were attributable to the loss or theft of a personal mobile device.
According to a study carried out by the Health Research Institute, more than 80 percent of physicians use personal mobile devices to send or receive patient data, or access PHI. Furthermore, the use of personal mobile devices to send, receive or access PHI was also identified as a risk when sensitive patient data was transmitted on open cell phone networks or in public Wi-Fi areas.
Therefore, the HIPAA texting software guidelines were updated to safeguard the privacy of patients in HIPAA-covered health insurance programs, and to protect healthcare workers – who were unaware that texting PHI from their personal mobile devices was in breach of HIPAA text message software regulations – from being exposed to the threat of civil legal action.
In order to be compliant with the revised HIPAA texting software guidelines, healthcare organizations should use a messaging platform that transmits encrypted PHI over a secure network which only administrators and authorized users have access to.
The messaging platform should allow users to transmit content and attachments within an enclosed secure application, which the authorized user(s) can only access by a password; thus isolating PHI from any other personal text messages the user may receive or send on their personal mobile device.
The messaging platform should also have the capability of remotely deleting any text messages that have been sent, and removing the user from the network, in the event that the personal mobile device is lost or stolen, or the authorized user wants to sell or dispose of their mobile device.
TigerText’s HIPAA software for secure messaging enables HIPAA compliant texting for all parties covered by the revised guidelines by operating via a “software as a service” secure cloud-based application. Healthcare professionals, health insurance providers, employers and sub-contractors can communicate PHI freely via their personal mobile devices without any risk to the integrity of sensitive patient data.
With no training required in order to use the HIPAA software for secure messaging, authorized persons will find communication via TigerText’s HIPAA texting software straightforward and little different from their regular texting practices. Furthermore, system administrators will find that the TigerText HIPAA text messaging software makes it easier to control who has access to PHI and how it is shared.
The TigerText HIPAA software for secure messaging also has additional benefits which more than justify the cost of the system, which can increase the efficiency of employees within work environment, and which has the potential to improve the standard of healthcare received by patients:
To find out more about TigerText’s HIPAA software for secure messaging and how the TigerConnect platform complies with the revised regulations, you are invited to download our free white paper “Top 8 Secure Messaging Policy Best Practices” or contact us with any questions you may have about HIPAA text messaging software.
TigerConnect provides secure, real-time mobile messaging for the enterprise, empowering organizations to work more securely. TigerConnect’s encrypted messaging platform keeps communications safe, improves workflows, and complies with industry regulations.