HIPAA-compliant texting is a real possibility — even though some would have you believe HIPAA and texting aren't compatible nor complementary with one another. In some instances, those who deal with sensitive health information may be able to send text messages to those seeking patient information, including other staff and to affected individuals and families.

However, there are strict limitations on what can and cannot be sent through text messages when it concerns personal health information, or PHI.

Risks and Guidelines

If you represent an organization that deals with PHI, there are some important guidelines you need to understand in order to keep you and your staff in compliance with HIPAA laws, as well as to protect the privacy of your clients and patients.

In almost all instances, communicating PHI via text message is in violation of HIPAA and could bring about hefty penalties and fines. Individuals who have access to PHI are required to access this information using organization-issued logins and passwords that are unique to each individual.

Likewise, any time health data is transmitted outside of an organization's internal firewall (including by text), it must be encrypted to ensure it's not readable if it were to be compromised. Similarly, if a text does not include personal identifiers that make it traceable back to the health records of a specific individual, that text can likely be sent.

In a recent American Health Information Management Association study, nearly 3 out of 4 physicians said they text other physicians about work. Because texting is ubiquitous, physicians who aren't authorized to text health-related information from work-sponsored devices may still have the opportunity to text from their own personal devices — even without permission.

Though text messages are sometimes thought of as disposable information, digitally speaking, they are anything but disposable. These messages can reside on devices or in unsecured cloud-storage servers for indefinite amounts of time. In these instances, an individual who has access to another person's cell phone may also be able to view and share a wealth of private personal and/or health information.

Fortunately, in recent years, advanced tools and solutions — such as those provided by 8x8 — have quickly advanced to keep up with HIPAA privacy laws. This is particularly valuable for those who handle PHI, as not all phone providers' texting services have the proper safeguards in place to allow individuals or organizations to utilize the tools in order to adhere to HIPAA-compliant texting rules.

A Deeper Dive

It's difficult to examine every instance when a text message is or is not acceptable. But, generally speaking, without safeguards in place, sending text messages is virtually never HIPAA compliant. Does this mean text messaging is never in accordance with HIPAA privacy laws? Not exactly.

However, if an organization wants to utilize text messaging as a tool to share information, it must have a secure text messaging app in place. This is where solutions provided by 8x8 can be a tremendous boon for your organization.

Thanks to 8x8's unified communications services, staff may work together through multiple channels, such as live chat, phone, video, document sharing and, yes, even texting, to share confidential and sensitive information in a HIPAA-compliant manner.

The key issue here is that you simply cannot rely on existing tools or services made available through your phone provider. A third-party app or tool created by an organization that fully understands HIPAA privacy laws must be utilized. That's where 8x8 shows its real value.

Next Steps

The good news is that text messaging and HIPAA laws aren't necessarily in opposition with one another. In fact, they can work in concert if the right solution is found — and 8x8 can help you find it.

When it comes to security, 8x8 provides reliable and compliant cloud solutions at a demanding level rarely seen by other cloud providers. Don't take your chances with a subpar cloud-based telecom system. Call 1-866-879-8647 or fill out our form online to request a no-obligation quote from an 8x8 Product Specialist.

Related Topics

HIPAA Compliant Fax

HIPAA Compliant Video Conferencing

Healthcare Wireless Communication

Communications Solutions for Healthcare