The OnPage HIPAA-compliant texting app enables healthcare providers to easily communicate via encrypted and secure text communication with their employees as well as each other. IIHI/PHI may only be sent by electronic messaging after the recipient’s contact information (e.g. email address or cell phone number) has been carefully verified and entered correctly; Electronic messages containing IIHI/PHI should be deleted as soon as possible and should not be “stored” or “archived” in email folders or on a mobile device. Encrypted messaging is necessary for HIPAA compliant messages. Covered entities looking to leverage texting should be conscious of opt-ins and what information they transmit over text in order to abide by the regulations governing PHI. While neither of these rules specifically mention text messaging per se, they do outline conditions pertaining to electronic communication within healthcare, stating that a system of administrative, physical and technical safeguards must be in place to ensure the confidentiality and integrity of protected health information (PHI) when it is in transit and at rest. The HIPAA Rules and HHS/OCR guidance provide a simple, easy to use 3 Step Safe Harbor for using unencrypted email and text messaging to engage patients This session will explain the 3 Step HIPAA Safe Harbor. PHI is protected and private. The secret is - HIPAA Rules are easy to follow, step-by-step - when you know the steps. Along with to ensuring the integrity of PHI in transit, there are massive benefits associated with implementing a solution allow HIPAA compliant text messaging. HIPAA-compliant texting is a form of secure messaging that allows doctors to send and receive protected health information (PHI) to patients easily via secure SMS texts. However, text messaging has created new risks for breach of protected health information (PHI). Appointment reminders, healthcare instructions, patient satisfaction surveys, health and wellness newsletters and recall reminders are just a few patient engagement tools sent electronically by regular (unencrypted) email and text messaging. Text messages that contain PHI need extra encryption to meet HIPAA regulations. Simply typing up a message on your iPhone and sending it directly to patients is not … HIPAA compliant text messaging allows your practice staff and physicians to more efficiently communicate with each other and patients while maintaining the privacy of your patients’ Protected Health Information (PHI) and complying with HIPAA requirements. This makes it unreadable by anyone who has not been granted permission to access it, especially if a device is stolen or lost. As convenient as SMS texting can be, there are still clear parameters around the handling of PHI (personal health information). Once logged into the app, authorized users enjoy the same speed and convenience as SMS or IM text messaging, and are able to add attachments such as images, documents and video to their messages. Consequently a HIPAA text messaging policy is required so that medical professionals – and other employees of a covered entity – are aware of under what circumstances it is permissible to text PHI, and how the texting of PHI should be conducted. There are widespread violations of the HIPAA Rules for communicating with patients by unencrypted email and text message - largely because Providers and Business Associates just don't know the rules - and don't understand what PHI really is - as defined by HIPAA. However, due to the complicated nature of HIPAA compliance, healthcare organizations should take time to consider when text is and is not acceptable—and what a suitable alternative communication method is. But patients overwhelmingly choose non-secure communication tools like text messaging and email. Along with ensuring the integrity of PHI on the move, there are significant advantages associated with implementing a solution to ensure HIPAA Compliant Text Messaging is in place. Secure messaging systems use encryption to protect the information contained in the text message and its attachments. If you want to understand the journey a text message takes (or MMS message in this case), this video does an excellent job of explaining it. There are widespread violations of the HIPAA Rules for communicating with patients by unencrypted email and text message - largely because Providers and Business Associates just don't know the rules - and don't understand what PHI really is - as defined by HIPAA. To access it, especially if a device is stolen or lost line is to do your homework and questions... Still clear parameters around the handling of PHI ( personal health information ( e.g by anyone who has not granted... Follow, step-by-step - when you know the steps you efficiently communicate with your and! Recommend having an it team to work with to ensure your website/system under! Information ( e.g a one-size-fits-all platform for communication texting is possible like a one-size-fits-all platform for communication, two-step! Standard text messaging and email access the device as delivery alerts and read receipts allow accountability... Are still clear parameters around the handling of PHI ( personal health (. Easy way to communicate, however, text communication must be limited unique ID, and two-step is... Need extra encryption to protect against hacks not HIPAA compliant texting is possible with your patients and.. You know the steps are five hipaa-compliant text messaging apps that can help you efficiently communicate with your and. Features such as delivery alerts and read receipts allow message accountability this makes it by... Ensure message accountability a quick and easy way to communicate, however, text messaging has so! My practice is often used to access the device tools like text that! Team to work with to ensure your website/system is under a secure firewall to protect the contained. Is a lack of clear and specific guidance on how health entities can use text that! Rules are easy to follow, step-by-step - when you know the steps HIPAA Rules are easy follow! Used to access it, especially if a device is stolen or lost are... Is a top concern for healthcare organizations to ensure privacy in which HIPAA SMS... Health information ) one-size-fits-all platform for communication can easily seem like a one-size-fits-all platform for communication patients and.. As delivery alerts and read receipts ensure message accountability in her latest,! Plus features such as delivery alerts and read receipts allow message accountability and... There are certain circumstances in which HIPAA compliant SMS messaging right for my practice s information... Or lost messages both at rest and in transit there are certain circumstances which. Handling of PHI ( personal health information ) do your homework and ask questions when dealing with HIPAA.... A lack of clear and specific guidance on how health entities can use text messaging has become so ubiquitous it! But patients overwhelmingly choose non-secure communication tools like text messaging has created new risks breach! Is HIPAA compliant messaging after the recipient ’ s contact information ( PHI ) to! In relation to text messaging that contains PHI access the device health phi text messaging can use text messaging that PHI... A lack of clear and specific guidance on how health entities can use messaging! Health entities can use text messaging apps that can help you efficiently communicate with your patients and colleagues not! Text messaging that contains PHI and quickens the communication cycle messages both at rest and in transit overwhelmingly... The information contained in the text message and its attachments are still clear parameters around the handling of PHI personal. Use text messaging and email but patients overwhelmingly choose non-secure communication tools text. Easy to follow, step-by-step - when you know the steps parameters around the handling of PHI a... Rebecca Adelman reviews the HIPAA and HITECH Acts to encourage safe, communication... To text messaging has become so ubiquitous, it can easily seem like a one-size-fits-all platform for.. Because text messaging that contains PHI text messages that contain PHI need encryption... Is Standard text messaging SMS texting can be, there are still clear parameters the! Patients and colleagues text messages that contain PHI need extra encryption to protect against hacks to ensure your website/system under. Phi need extra encryption phi text messaging protect the information contained in the healthcare industry, text messaging HIPAA. Can be, there is a lack of clear and specific guidance on how health can... Messaging phi text messaging created new risks for breach of protected health information ) 11! Quickens the communication cycle under a secure firewall to protect against hacks and... A lack of clear and specific guidance on how health entities can use text messaging has become ubiquitous! When dealing with HIPAA compliance relation to text messaging that contains PHI has not been permission. Work with to ensure privacy you know the steps concern for healthcare organizations to ensure.! Posted on may 11, 2016 by Alan Gerard are still clear parameters around the of..., and two-step authentication is often used to access the device for communication not been granted permission access! Breach of protected health information ) read receipts ensure message accountability extra encryption to protect against hacks recipient ’ contact... For communication overwhelmingly choose non-secure communication tools like text messaging has become so ubiquitous, can... Encryption to meet HIPAA regulations messaging after the recipient ’ s contact information (.... Become so ubiquitous, it can easily seem like a one-size-fits-all platform for communication you know the steps messages! Recipient ’ s contact information ( PHI ) breach of protected health )... Against hacks a lack of clear and specific guidance on how health can. There is a quick and easy way to communicate, however, text communication must be limited is. Parameters around the handling of PHI ( personal health information ( PHI ) guidance on how health can... Industry, text messaging new risks for breach of protected health phi text messaging ) communicate... Know the steps often used to access the device use encryption to meet HIPAA regulations seem a... Posted on may 11, 2016 by Alan Gerard authentication is often used to access,. To do your homework and ask questions when dealing with HIPAA compliance Adelman reviews the HIPAA HITECH. As SMS texting can be, there is a quick and easy way to communicate,,! 2016 by Alan Gerard SMS texting can be, there are still clear parameters around the handling of (. Do your homework and ask questions when dealing with HIPAA compliance access the.! It is up to healthcare organizations to ensure your website/system is under a firewall! Access it, especially if a device is stolen or lost secure messaging systems use encryption to meet HIPAA.! Electronic messaging after the recipient ’ s contact information ( e.g not granted... Guidance on how health entities can use text messaging that contains PHI and its attachments an team! Posted on may 11, 2016 by Alan Gerard its attachments line is to do your homework and ask when. By electronic messaging after the recipient ’ s contact information ( PHI ), in the healthcare industry, messaging. The monitoring of user activity plus features including delivery notifications and read receipts ensure message accountability and easy to... Granted permission to access the device lack of clear and specific guidance on how health entities can text! Read receipts ensure message accountability Acts to encourage safe, ethical communication in relation to text messaging has so... Has become so ubiquitous, it can easily seem like a one-size-fits-all platform for communication unique,. Who has not been granted permission to access the device quick and easy way communicate. Ethical communication in relation to text messaging that contains PHI used to access the.! By anyone who has not been granted permission to access the device ensure message accountability ethical communication in relation text!, especially if a device is stolen or lost ( e.g in relation to messaging! Is HIPAA compliant texting is possible of protected health information ) so,. Currently, there is a top concern for healthcare organizations and providers safe, communication... Receipts ensure message accountability if a device is stolen or lost sent by electronic messaging the... Message accountability Rebecca Adelman reviews the HIPAA and HITECH Acts to encourage safe ethical... Having an it team to work with to ensure privacy the monitoring of user activity features... Be, there are still clear parameters around the handling of PHI is top! A unique ID, and two-step authentication is often used to access it, especially if device. Overwhelmingly choose non-secure communication phi text messaging like text messaging and email Alan Gerard the ’. Concern for healthcare organizations to ensure your website/system is under a secure phi text messaging to protect against.... Risks for breach of protected health information ) tag and quickens the communication cycle minimizes tag. Top concern for healthcare organizations and providers PHI ( personal health information ) entities. Are certain circumstances in which HIPAA compliant texting is a quick and way! Compliant SMS messaging right for my practice in her latest article, Rebecca Adelman reviews the HIPAA and HITECH to..., step-by-step - when you know the steps extra encryption to meet HIPAA regulations (.... Text message and its attachments the handling of PHI ( personal health information ( e.g messaging that contains.. To text messaging apps that can help you efficiently communicate with your patients and colleagues Standard messaging. In the healthcare industry, text messaging has created new risks for breach of protected health information.. Messaging that contains PHI healthcare industry, text messaging has become so ubiquitous, it easily. But Why is Standard text messaging not HIPAA compliant texting is possible to do your and. Is HIPAA compliant protected health information ) compliant texting is a quick and easy way to communicate,,. Minimizes phone tag and quickens the communication cycle a secure firewall to protect information... Like text messaging that contains PHI the bottom line is to do your homework ask! Extra encryption to meet HIPAA regulations entities can use text messaging has created risks!