How Do You Maintain HIPAA-Compliant Texting?
Use of a HIPAA-compliant texting app is required when the physician or nurse sends a text or message containing patient information, care instructions or other sensitive patient details. When this type of patient information is sent, the content of the message must be both secure and encrypted.
When hospitals and clinics introduce HIPAA-compliant texting into their organization, they must maintain reasonable and appropriate administrative, technical and physical safeguards for protecting electronic protected health information (e-PHI).
The Department of Health and Human Services further spells this out when it states that organizations must:
- Ensure the confidentiality, integrity, and availability of all electronic protected health information which is created, received, maintained or transmitted.
- Protect against any reasonably anticipated threats or hazards to the security or integrity of this information.
- Protect against any reasonably anticipated uses or disclosures of this information.
- Have a method for remote wipe of patient information from the HIPAA-compliant texting app if the app is lost or stolen.
- Ensure compliance by users of the information.