Recent revisions to the Health Insurance Portability and Accountability Act 1996 (HIPAA) have increased the level of security that has to be applied when texting patient information or accessing protected health information (PHI) from a mobile or portable device such as a cell phone, Smartphone or tablet.
The revised regulations apply to health insurance providers, healthcare workers, and employers who offer a healthcare program covered by HIPAA; and also, for the first time, third party service providers (also known as “business associates” or “vendors”) who provide administrative, brokerage or management services to the healthcare industry.
The revised regulations for text messaging PHI acknowledge that changes in workplace practices and technological advances have led to more healthcare industry employees using mobile devices in the course of their work. Indeed, a survey carried out by the Health Research Institute revealed that 81 percent of doctors use mobile devices to communicate with their patients and access patient information.
The possibility exists that sensitive patient data could be compromised in the workplace or in places of public access due to individuals using public Wi-Fi or open cell phone networks, and there is also the risk of a security breach when a mobile device is sold, stolen or lost.
Consequently, the HIPAA guidelines for text messaging patient information say that texting PHI should only be done in the following circumstances:
Organizations, employees, and sub-contractors should be aware of the penalties that can be imposed by the Office of Civil Rights should there be a security breach when texting patient information, as well as the threat of legal action from patients whose protected health information has been compromised.
The conditions listed above can be summed up in the terminology used in the original Health Insurance Portability and Accountability Act that “administrative, physical and technical safeguards [should exist] to ensure the confidentiality, integrity, and security of electronically stored or transmitted private health information”; however, the revisions to the original HIPAA Act elaborate to greater detail about text messaging PHI, and states that sensitive patient data should be communicated by “secure texting.”
Texting PHI using an encrypted messaging platform is far more secure than communications sent by email, which are copied multiple times on email servers before they reach their intended recipients. Encrypted messages are sent from a secure server on which all PHI is stored, and can be accessed at any time provided that the recipient is within range of an Internet signal.
The owner of the mobile device still has the full functionality of their cell phone, Smart phone or tablet, but any text messaging of patient information is done using the virtual private network. Should the owner inadvertently lose their mobile device or have it stolen, the network administrator is able to remove the user from the network and delete any sensitive patient data they may have had access to.
TigerConnect’s encrypted messaging platform enables the secure text messaging of patient information by operating via a secure, cloud-based application. Organizations, employees and sub-contractors will find the application easy to use and – more importantly – easy to get into the habit of using.
There is no software to download before operating TigerConnect’s encrypted messaging platform – meaning that individuals who use personal mobile devices in the course of their work will not be inconvenienced – and administrative controls and usage reports help to maintain control over the flow of private health information and ensure compliant usage by all personnel.
The TigerConnect encrypted messaging platform meets all the criteria required for texting patient information and for complying with the new HIPAA regulations; and, at the same time, offers additional benefits to organizations – such as increasing the efficiency of personnel within the workforce.
See how TigerConnect helps 6,000+ healthcare teams collaborate seamlessly across the hall or across the health system.
TigerConnect provides secure, real-time mobile messaging for the enterprise, empowering organizations to work more securely. TigerConnect’s encrypted messaging platform keeps communications safe, improves workflows, and complies with industry regulations.