Texting PHI

The Office for Civil Rights or OCR  with HIPAA oversight  has not produced the long-awaited guidance on texting protected health information.  Finally, at a Health Information Management Conference in March the OCR director said healthcare providers could text message their patients with PHI.  However, the provider must warn the patient that it is not secure.  In addition, the provider must obtain and document  patient authorization to receive texts.

Recent Guidance on Sharing PHI Safely

The Centers for Medicare and Medicaid Services or CMS oversees the Conditions of Participation and Conditions for Coverage.  CMS issued a memo on healthcare provider texting protected health information safely on December the 28th of 2017.  Most importantly the takeaways are:

Texting Protected Health Information

CMS permits texting of patient information among members of the health care team. ? Above all, the?platform must be secure and encrypted. As a result, it minimizes the risks to patient privacy and confidentiality. ?Most importantly, HIPAA regulations, the Conditions of Participation and the Condition for Coverage require this as a safeguard.

Texting Patient Orders

Regardless of the platform, CMS prohibits the practice of texting of patient orders. Above all,  the provider is not in compliance with the Conditions of Participation or Conditions for Coverage if he or she texts patient orders to a member of the care team.

CPOE for Orders

Most importantly, providers should opt for the use of Computerized Provider Order Entry (CPOE) as the preferred method of order entry. CMS insists that a physician or Licensed Independent Practitioner (LIP) should enter orders into the medical record via a handwritten order or via CPOE.  When using this system, orders are immediately downloaded into the provider’s electronic health records (EHR). Moreover, this method is preferred as the order would be dated, timed, authenticated and promptly placed in the medical record.

It is critical for all providers to understand and follow these new guidelines from CMS on Texting Protected Health Information among Healthcare Providers.

For more information please contact us.

Contact Us Today