CMS clarifies regulations for HIPAA compliance when texting patient details

CMS clarifies regulations for HIPAA compliance when texting patient details


The Facilities for Medicare and Medicaid Companies Quality, Security & Oversight Group sent a memo to point out survey company administrators, helpful instantly, clarifying HIPAA compliance for texting affected person information and facts and clinic orders at critical obtain hospitals.

WHY IT Issues

Texting guidance CMS launched to hospitals in 2018 indicated that when texting client information experienced develop into crucial to functions, the observe of texting affected person orders from a service provider to a member of the treatment crew was not compliant with the agency’s Problems of Participation.

The clinic and CAH health care history CoPs regulations require that “inpatient and outpatient healthcare data be precisely published, promptly concluded, properly filed and retained and available,” in accordance to CMS in a new affected individual data texting protocol introduced Thursday.

CMS stated in the new memo, Texting of Patient Details and Orders for Hospitals and CAHs, that back again in 2018, it had problems with “file retention, privateness, confidentiality, security and the integrity of present units at that time.”

Though computerized provider get entry is nevertheless the agency’s desired strategy of buy entry by a provider, those people selecting to incorporate texting of individual facts and orders into electronic overall health documents ought to make use of and sustain info stability and encryption as nicely as guarantee the integrity of creator identification on secure texting platforms that comply with the Health Insurance policy Portability and Accountability Act of 1996, CoPs and the HITECH Act, CMS stated.

“Companies should really apply strategies/procedures that routinely evaluate the protection and integrity of the texting methods/platforms that are becoming used to avoid damaging outcomes that could compromise the care of patients,” CMS observed.

THE Bigger Craze

CMS’sstance on texting patient details in 2018came shortly just after a report from the Health and fitness Treatment Compliance Association boosting worries about the agency’s arcane coverage.

In that report, the association claimed some hospitals had been given email messages from CMS indicating that “texting is not permitted,” regardless of an application’s stability, citing retention of health-related records and their confidentiality as aspects in the agency’s no-texting final decision.

Regardless of the prevalence of texting across treatment groups considering that that time, a 2022analyzefrom the Regenstrief Institute, Indiana University College of Medicine and Indiana College Well being Methodist Clinic identified that, though they have been content to change pagers with clinical texting programs, medical professionals were being vital of the significant quantity of messages.

“We found that there is a deficiency of shared knowing among clinicians regarding how to use scientific texting,” said study corresponding creator Pleasure L. Lee, a Regenstrief Institute investigation scientist and College of Massachusetts Chan Health care University assistant professor, in an announcement about that clinical texting study.


“CPOE proceeds to be the most well-liked system of order entry by a service provider, but we identify that possibilities also exist now, as very well as considerable enhancements in the encryption and application interface capabilities of texting platforms to transfer information into digital wellbeing documents,” CMS reported in the memo.

Andrea Fox is senior editor of Healthcare IT News.

Healthcare IT Information is a HIMSS Media publication.

Read More

You May Also Like