Text messaging is arguably the most common and convenient form of communication today, but medical professionals have been hesitant to text with patients given the labyrinth of HIPAA regulations and the potential to violate patient privacy.
The Joint Commission has done little to alleviate that confusion. The accreditation organization initially lifting its ban on using text messaging to send patient orders last year, only to temporarily reinstate it months later, before reaching a final decision earlier this year to keep the ban in place, for now.
Text messaging has proved valuable in certain situations, like quick, simple patient reminders and interactions and as a tool to improve medication adherence. But some have warned against provider-to-provider messaging that can create an opportunity for patient harm. Meanwhile, physicians are looking for guidance to help navigate privacy regulations and professional etiquette.
In a JAMA Viewpoint article published earlier this week, Brian Drolet, M.D., an assistant professor in the department of plastic surgery and biomedical informatics at Vanderbilt University School of Medicine, acknowledges that an increasing number of physicians are using text messaging to communicate with patients, but it can be a delicate balancing act.
Joint Commission regulations aside, there are no federal regulations prohibiting doctors from texting with patients. HIPAA, the most common privacy standards, simply requires covered entities to mitigate risks by encrypting information and taking specific privacy precautions.
HealthIT.gov noted that text messages are “generally not secure because they lack encryption,” but it offered some wiggle room, indicating text messaging is possible if organizations conduct a risk assessment and utilize a third-party messaging solution.
Drolet added that the rules surrounding text messaging “may be intentionally vague and even best left that way” in order to simplify communication between doctors and patients. But failure to account for very real patient privacy concerns could prompt stricter rulemaking in the future.
“If the unwritten intention of federal regulations is to limit electronic communication of protected health information, this should be clarified,” he wrote. “In the meantime, a combination of vigilant deidentification and maximizing available security features should maintain HIPAA compliance for text messaging. If clinicians do not respect the privacy of health information, they betray the trust of patients, and this could lead to regulatory changes to the detriment of a common and effective means of communication.”