In today's era of smart phones and tablets, the question is no longer whether clinicians should send text messages containing protected health information (PHI), but rather what is the safest way to do so.
Texting, as compared to emailing, may be very useful in addressing immediate healthcare questions and communicating during a medical escort, but it also allows for the flow of fairly unprotected information. Another downside to texting is that text messages can be forwarded to anyone and, unless deleted, the text message will remain both on the sender's and receiver's devices permanently.
The penalty for one HIPAA violation can result in a fine of up to $50,000, and identical violations can lead to a maximum fine of $1.5 million in a year. In many instances, the violations resulted from loss or misuse of portable devices. With the HIPAA rules now applying directly to business associates, the field for potential violations has broadened.
Ways to protect patient information?
- Never identify a patient's name or any information that could directly link to a patient such as an address.
- Limit messages to only the information that is absolutely necessary to accomplish the objective.
- Password protect the hand-held device.
- Encourage the use of a software program that will allow the device owner to erase data from the device remotely in the event the device is lost or stolen.
Sky Nurses is proactive in protecting health information. We require all of our clinicians to be aggressive in taking the necessary steps to prevent a breach of patient information from occurring.