December Edition 2020
Inside This Issue
Smartphones, Texts, and HIPAA: Strategies to Protect Patient Privacy By Kim Hathaway, MSN, CPHRM Patient Safety Healthcare Quality & Risk Management Consultant The Doctors Company
P Can You Get COVID-19 Twice? See pg. 12
INDEX Legal Matters....................... pg.3 Mental Health...................... pg.6 Oncology Research......... pg.8 Healthy Heart....................... pg.9
Age Well LiveWell See pg. 13
hysicians have embraced smartphone technology, with the vast majority using phones to communicate via text messages and access medical information. The attraction is obvious: Smartphone applications place libraries full of information at users’ fingertips— including drug alerts (such as PDR. net) that are literally a click away. Texting via secure messaging systems is instantaneous, convenient, and direct. It reduces the time waiting for colleagues to call back and it can expedite patient care by facilitating the exchange of critical lab results and other necessary patient data. S m a r t p h o n e technology is not just for peer-to-peer use: To manage their own healthcare needs, empowered patients are requesting more access to their physicians and medical records. Patients are also investing in mobile health technologies that provide continuous vital sign monitoring and generate health data that can be sent to their physicians. (For more information on this topic, see our articles “Wearables Offer Wealth of Data During COVID-19, but Liability Risks Remain” and “Remote Patient Monitoring.”) Technology is becoming
essential to the patient experience and increasingly important to younger, technology-savvy patients. Safeguard Against HIPAA Violations The very convenience that makes using smartphone technologies
Accountability Act (HIPAA). Physicians and other team members must not communicate with patients using their personal text messaging systems. Before communicating with patients through electronic technologies, a practice must have in place a secure HIPAA-compliant messaging platform that interfaces with the electronic health record (EHR) and strong administrative procedures. HIPAA compliance is paramount to the physician’s ability to communicate safely and send appointment reminders, alerts, and other follow-up reminders. Text messages among colleagues should also be encrypted and exchanged in a closed, secure network designed specifically to protect PHI, not on personal messaging systems. A secure messaging platform allows for the encrypted flow of information and storage in the medical record. Many EHR products now interface with secure messaging systems or the secure systems are integrated into the EHR product. Implementing a secure messaging platform must include establishing electronic communication policies regarding the proper and improper uses of texting—which means specifying what types of information may or may not be texted. Patients must also be educated
Texting patient information among members of the healthcare team is permissible if accomplished through a secure platform. so inviting may also create privacy and security violations if messages containing protected health information (PHI) are not properly safeguarded. It is important that physicians and their teams understand that communications between patients or other providers have the potential to lead to violations of the Health Insurance Portability and
see HIPAA... page 14
PERMIT# NO PERMIT 11491 AUSTIN TXTX HOUSTON PRSRT STD US POSTAGE PAID