Clinical Texting & HIPAA Compliance

HIPAA compliance for clinical texting has become an issue in relation to the use of personal mobile devices has increased in the healthcare sector. Statistics are often referred to that 87% of physicians (Manhattan Research) and 67% of nurses (American Nurse Today) use Smartphones in the workplace to “support their workflow”, but a more in-depth study carried out by Wolters Kluwer in 2013 gave a better insight into the manner of mobile device use and the risks to the integrity of Protected Health Information (PHI).

According to the results of the report, 44% of clinicians use a personal mobile device to communicate with colleagues and nurses, 17% of clinicians obtain patient data on their Smartphones for healthcare reasons and 12% of clinicians gather billing information from data accessed by their personal mobile devices. Each of these actions can lead to a breach of PHI, but the volume of healthcare-related communications with colleagues and nurses is a major issue in relation to HIPAA compliance.

Clinicians sharing texts or emails including PHI from their mobile devices have no control over where the message is being sent. Messages can be intercepted on unsecured cellphone networks and public WiFi services, lost or stolen Smartphones expose PHI to the danger of unauthorized access, and PHI could be shared with a passer-by if a mobile device is left unattended. With the possibility of fines as high as $50,000 per day for a breach of PHI, HIPAA compliance for clinical texting is more than just a compliance issue – it can also become a financial problem.

Resolves the Compliance Issue with Secure Text Messaging

Secure text messaging is a means of ensuring HIPAA compliance for clinical texting that is simple to put in place and cost-effective. Secure text messaging solutions work by creating a private network through which all communications are channeled using safe messaging apps. The apps appear to be commercially available messaging apps, but comply with the administrative, physical and technical security measures of the HIPAA Security Rule for protecting the integrity of PHI on the move.

Because text messages including PHI are encrypted and encapsulated within the communications network, there is no danger of messages being intercepted over open cellphone networks and public WiFi services. Additional security measures allow the remote PIN-locking of the apps if a Smartphone is lost or stolen to stop unauthorized access to PHI, while an automatic time out feature logs a user out of the application following a period of inactivity to prevent “passer-by” access.

When secure text messaging solutions are integrated with EHRs, clinicians can still obtain patient data for healthcare reasons and to gather billing information, but without the risk of a breach of PHI. According to a study carried out by the Tepper School of Business at the Carnegie Mellon University, EHR integration can lead to a 27 percent reduction in patient safety issues and a 30 percent reduction in medication mistakes – a compelling reason to evaluate HIPAA compliance for clinical texting.

The Financial Advantages of Secure Clinical Texting

One of the main compliance issues resolved by secure text messaging is message accountability. All activity on a HIPAA compliant communications network is recorded and reviewed, ensuring that every message is accounted for. This feature – linked with delivery notifications and read receipts – significantly cuts phone tag and frees up more time for healthcare providers to attend to their healthcare tasks, thus enhancing productivity.

Healthcare groups that have implemented solutions to establish HIPAA compliance for clinical texting also report that secure text messaging accelerates the flow of communication, allowing healthcare providers to streamline their workflows. Group messaging functions allow collaboration between healthcare suppliers and have also been shown to accelerate hospital admissions and patient discharges.

The cost-effectiveness of secure text messaging is also an key consideration to review. Solutions for HIPAA compliance for clinical texting cost nothing to download and have very low operating costs. As the services are cloud-based, there is no hardware to purchase, no complicated software to install that will limit the resources of an IT department, and – due to the familiar text-like interfaces of the secure text messaging apps – the solution is very popular.

HIPAA Violation Penalties

Most Common HIPAA Violations Causes