Texting medical information has recently come under the spotlight due to changes introduced in the Health Insurance Portability and Accountability Act (HIPAA). These changes affected many people working in the healthcare industry – due to the convenience of accessing and communicating medical information by text – and the organizations that have to oversee usage of texting medical information.
Due to the potential risk of protected health information (PHI) being compromised – and the fines that accompany a breach of PHI – many organizations have been reviewing their medical information texting practices to ensure they are HIPAA-compliant.
According to the HIPAA Privacy Regulations, the rules about texting medical information apply to health insurance providers (employers and insurance companies), health insurance clearinghouses (including brokers and fund administrators), and to any medical professional – or subcontractor employed by a healthcare organization who has access to PHI.
PHI is defined as “any information about health status, provision of health care, or payment for health care that can be linked to a specific individual” and there are eighteen different “identifiers” which could connect specific PHI to an individual. Even though these “identifiers” should be encrypted and protected behind a secure database, they could be intercepted when communicating medical information by text over publicly accessible Wi-Fi or on open cell phone networks.
The risks of communicating medical information by text over publicly accessible Wi-Fi or on open cell phone networks lies in the storage and access of the medical information. Messages can be intercepted by anyone with access to the recipient´s mobile device and messages only remain encrypted on a network´s servers until somebody finds a way to unencrypt them, as they are permanently stored on your network providers servers. There is also the risk that without an UNDO and no limit to who you can send information to, you might be accidentally texting medical information to a complete stranger (studies have shown that 38% of people have sent a text message to the wrong person at one time or another).
Consequently medical information texting is only HIPAA-compliant when both the sender and the recipient are authorized users of a secure text messaging platform that keeps messages encrypted and within a secure closed network. Controls also allow administrators to delete text messages and remove authorized users from the system should their personal mobile device be lost, stolen or otherwise misplaced.
Many organizations that are required to conform to the rules for texting medical information will encounter problems when trying to meet the demands of the HIPAA Privacy Rule; however a solution exists in the form of a secure text messaging system which connects authorized users to an encrypted and secure platform, accessible via their mobile devices or web browsers.
As the operation of using a secure text messaging system by the end-user is very similar to medical information texting by “regular” non-secure SMS messages, authorized users should have no difficulty in understanding the system, and how to attach documents (such as lab results) or images (of an injury) to their secure conversations.
Texting medical information using a secure text messaging system has produced significant benefits for multiple healthcare organizations. Our own case studies have shown cost-saving and efficiency-increasing advantages of secure medical information texting including:
Secure medical information texting means that nurse-doctor communications are improved by quicker communication via a secure texting system, lab results can be delivered instantly by attaching documents to secure texting conversations and doctors can receive PHI on the go with access to their secure texting system via their mobile phones. The ultimate beneficiaries of secure medical information texting are the patients, who are generally receiving a higher level of healthcare than ever before with accelerated patient care and diagnosis from those that use secure texting.
Speak with TigerConnect about Secure Texting, TigerConnect’s secure messaging system surpasses the HIPAA regulations for texting medical information and enables the secure sending of PHI via a cloud-based “on demand” platform. TigerConnect’s system has been specifically designed to be compatible with existing medical information texting practices so that no specific end-user training is required in order to understand how communicating medical information by text can be HIPAA-compliant.
TigerConnect provides secure, real-time mobile messaging for the enterprise, empowering organizations to work more securely. TigerConnect’s encrypted messaging platform keeps communications safe, improves workflows, and complies with industry regulations.