5 Best Practices for HIPAA Compliant Texting

Texting is a convenient and reliable way for healthcare organizations and providers to communicate with their patients. It is ideal for keeping up with appointments, reminders, payments, and other practice communications. While most people, including patients, prefer texting because it’s quick and easy, providers and their staff must comply with the Health Insurance Portability and Accountability Act (HIPAA).

Below are five best practices to ensure HIPAA compliance when texting:

1. Get consent- Before sending text messages to patients, practices must ensure they have written permission from patients. This may include a text message reply or an online form submission showing the patient consented to receive text messages. Texting without patient consent can become a liability and violation of HIPAA.
2. Limit information- Although texting is convenient, it is necessary to take precautions to protect patient privacy. Limiting the type of information sent to patients in text messages can help reduce the risk of a breach of personal health information (PHI). Keep texts to information such as appointment reminders, test result notifications, prescription notifications, registration instructions, and patient portal information.
3. Control access- Establish a list of authorized employees who can access patient conversations. Determine who will have access to patient messaging and who will be sending or managing those messages daily.  
4. Ensure secure text messaging- Text message communications should be secure and encrypted on all devices to prevent unauthorized access, especially if a device has been lost or stolen.
5. Implement a text policy- Have a text policy that details the approved types of text communications, which employees are authorized to send texts, when a phone call may be more appropriate, and any additional practice policies on texting.

Want to know more about HIPAA compliant texting? Ask the experts at MedSafe.

If you have questions about HIPAA, contact the experts at MedSafe. MedSafe is the nation's leading one-stop resource for outsourced accreditation and healthcare compliance solutions. For over 20 years, we have been providing peace of mind to hospital groups, private practices, and their business associates. Our suite of onsite and online training services, including OSHA, HIPAA, Corporate Compliance and Code Auditing, equip your practice with the necessary tools and skills to achieve and maintain regulatory & billing compliance. MedSafe takes a hands-on approach and works directly with your team to uncover issues and define suitable solutions.

Contact us at: (888) MED-SAFE

Visit our website at www.medsafe.com