In simple terms, no, general text messaging is not HIPAA compliant. Perceived as a social and causal norm, text messaging is not the ideal means of sharing patient information in a healthcare setting. It is an informal exchange of messages that is easy, quick, and convenient. The HIPAA security rule has”national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity”. Therefore, normal text messaging on an smartphone device is missing an extra layer of security ensuring protection of personal health information.
Technology is delivering HIPAA compliant text messaging
Continuous advancements in technology have encouraged the healthcare workforce to implement HIPAA compliant texting in their facilities. Two main stakeholders benefit from this innovation; the healthcare workforce and the patient. As we are in the midst of a full transition to value based care, our thought process and decision making is patient-centered.
Therefore requiring more coordinated effort across organizations as compared to fee for service models. Health care providers need to communicate among each other to efficiently come up with the best treatment plan for their patients. Hence, HIPAA compliant texting is an ideal solution to be in the loop of a patient’s follow up plan without physically being there.
HIPAA Security Rule
HIPAA already has standards in sharing confidential patient information. However, in terms of HIPAA compliant text messaging or emailing HIPAA information, the Department of Health and Human Services has introduced the Security Rule. “A major goal of the Security Rule is to protect the privacy of individuals’ health information while allowing covered entities to adopt new technologies to improve the quality and efficiency of patient care”. HHS is in favor of experimenting with technology but has some rules to ensure patient confidentiality.
The point of interest of the Security Rule is to protect ‘Electronic Protected Health Information (e-PHI)’, There are 4 general rules to follow in order to make any app or electronic platform, essentially HIPAA compliant:
- Ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit
- Identify and protect against reasonably anticipated threats to the security or integrity of the information
- Protect against reasonably anticipated, impermissible uses or disclosures
- Ensure compliance by their workforce
It can be inferred that patient data is not readily available to anyone. Authorized individuals only can access and manage patient information.. In addition, e-PHIs cannot be destroyed in an unauthorized manner.
HIPAA compliant text messaging platform: Hucu.ai
Piecing the information thus far, a HIPAA compliant text messaging app has certain rules to follow but is a superb addition to the healthcare industry on both the acute and pot-acute side. An example of a HIPAA compliant messaging app is Hucu.ai, which complies with the Security Rules of HIPAA..
It is a FREE person-centered messaging network with real-time patient health & staff attrition risk reporting. Innovative post acute care physician groups and skilled nursing operators are downloading the mobile app (available both in iOS and Android) and improving communication and collaboration immediately. They help solve key healthcare problems that cause inefficiency and frustration for everyone involved in a value based care model. For instance:
- Non-HIPAA compliant fragmented communication using outdated 1-1 methods (phone, fax, paper, email and text) with no accountability
- Lack of visibility of individual patient risk among myriad treatment partners impacting timely care
- High staff turnover and lack of performance transparency.
Hucu.ai solves these problems with:
- Easy and FREE patient-centered HIPAA compliant messaging apps, that allow various professionals across healthcare (hospitals, SNFs, Home Health, etc.) to communicate with each other in (i) context of patient, (ii) groups, or (iii) 1-1 direct-messaging.
- Patient risk visibility
- Built-in employee appreciation tools
Apps like Hucu.ai are bridging the communication gap between the patient and provider. In summary, today, text messaging is not HIPAA compliant but can be.
Get Ready To Transform Your Organization For
Value Based Care.
Subscribe to our monthly newsletter