Among the fundamental characteristics driving the ready acceptance of Short Message Service (SMS) text messaging are its immediacy, ease of use and ready availability on devices most people already have. However, when it comes to the application of this technology to the medical profession, that latter attribute can also be a hindrance. Patient privacy is a significant concern.
While something as simple as text messaging could revolutionize healthcare, practices like yours must take precautions to ensure compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Further, the adopting organization’s medical professional insurance policy should include liability and cyber security coverage in case of data breach or employee mistake.
The Benefits Are Many
Collaboration with physicians all over the world is more easily accomplished to gather second opinions from the top experts in a particular pathology. Video attachments can be transmitted to share procedures more readily. First responders can relay information directly from the scene of an incident to help hospital personnel prepare themselves more thoroughly for the arrival of a patient in critical condition. SMS texting can also be used to provide medication reminders, appointment scheduling, patient notifications and obtaining electronic consent for certain procedures and decisions. However, all of this has to be done in an environment respectful of the HIPAA.
The Health Insurance Portability and Accountability Act of 1996 applies to health care providers transmitting health information in electronic form to business associates. Designed to maintain the privacy of electronic protected health information (e-PHI), if providers are to remain in compliance, they must:
− Ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit
− Identify and protect against reasonably anticipated threats to the security or integrity of the information
− Protect against reasonably anticipated, impermissible uses or disclosures;
− Ensure compliance by their workforce
Key Compliance Considerations
Because of the ubiquity of texting devices, doctors and nurses may be tempted to use their personal phones for cloud-based text messaging. This is a direct violation of the HIPAA. If a facility is going to use this method, dedicated devices with a secure platform must be employed.
However, before deciding upon a texting solution, medical chief information officers should consider patient risks, mobile device usage of the staff and administrative approaches to BYOD (bring your own device) concerns. It can also be helpful to observe strategies similar organizations have implemented.
First, Do No Harm…
While all of this may sound like a lot with which to contend, a patient’s wellbeing should be the foremost consideration with the adoption of any new communications technology for the medical field. Healthcare facilities have an obligation to keep medical records private. Ignoring this responsibility could undermine patient trust and see the organization held liable for a costly settlement. Cyber insurance, paired with the right medical professional insurance policies, can help.
While it’s better to be safe than sorry, CoverHound can help you find the best backup protection for your practice. Compare policy options today!