Is SMS Text Messaging HIPAA Compliant?

The benefits of SMS texting apply to numerous industries, including healthcare providers that use text messaging to communicate with patients because it’s quick, easy, and convenient. While other businesses don’t have to worry about compromising sensitive patient information, healthcare practices must be sure not to violate the law by divulging something sensitive.SMS

Use this information so you can send Health Insurance Portability and Accountability Act (HIPAA) compliant SMS texts to keep your patients safe and secure, and will also get you higher response rates.

What is HIPAA?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. The purpose is to protect the privacy of patients and health plan members and to ensure health information is kept secure and patients are notified of breaches of their health data.

Question of compliance

There is nothing wrong with physicians using text messages to communicate with other healthcare professionals, physicians, or care teams. Problems arise when text messages contain any protected health information that patients have not given their consent to share.

When it comes to SMS texting between healthcare professionals and patients, providers must consider the content of the messages, to whom the messages are sent, and whether consent has been obtained to send information via an SMS network. Additionally, what is permitted must be very clear. For example, a patient may give permission for appointment reminders by text but not permission to share information that may reveal the doctor or medical conditions that would fall into protected health information (PHI).

Sending compliant SMS

Healthcare organizations interested in communicating via SMS should develop processes and procedures to contain who has access to private health information and how it is used. It’s important to consider the risk that PHI could be compromised when a mobile device is lost, stolen, or sold when determining the type of SMS you wish to send.

The best way to communicate with patients is via a specifically designed system with HIPAA access controls, audit controls, and encryption. Secure texting can be accomplished with encrypted messages transmitted from a secure server. Because all sensitive data is stored locally, cell phone networks that carry the message (or photos) cannot keep a copy.

Ready to power your healthcare brand with SMS?

Want to securely connect with your patients using HIPAA-compliant texting? At Simplified Alerts we work with you and keep your HIPPA compliance requirements and goals in mind to deliver the best results. Of course, you likely have questions. We’re here to help. Let’s start with a chat.