DISCLAIMER: The information provided below is not legal advice and is for general informational purposes only. You must obtain advice from a legal council on HIPAA compliance as you assume all responsibility for all legal matters.
Is SMS Text Messaging HIPAA Compliant?
The answer is a bit complicated due to the legal and complex language used in the rules but this post will break the rules down to a plain language to make it easier to understand. So, is texting a patient HIPAA compliant? The answer is both a yes and a no.
Text Messaging Is HIPAA Compliant As Long As…
HIPAA rules do not specifically mention SMS text messaging but it does mention rules concerning electronic communications used for healthcare so the answer really depends on the contents of the text message and who the text message is being sent to. The fines for violating the HIPAA was last updated in November 2021.
The answer is a yes, SMS Text Messaging is HIPAA Compliant as long as the text message content complies with the “Minimum Necessary Requirement” and does not include HIPAA identifiers or Protected Health Information. You must also educate and warn patients of potential risks of communicating personal information via unencrypted channel such as SMS and legally obtain their express consent. Both the warning and written express consent must be documented in case of mishap.
What are HIPAA identifiers for PHI (Patient Health Information)?
HIPAA identifiers are 18 types of patient information that healthcare organizations collect for their day to day operations. The HIPAA identifiers can be used to identify a single individual, locate or contact them. When the HIPAA identifiers are used with their medical condition, it becomes PHI (Protected Health Information).
18 HIPAA Identifiers
- Name
- Address
- All dates (except years) directly related to an individual
- Telephone number
- Fax number
- Email address
- Social Security Number
- Medical record number
- Health plan beneficiary number
- Account number
- Certificate or license number
- Vehicle identifiers or serial numbers
- Device identifiers or serial numbers
- Web URL
- IP Address
- Biometric identifiers (fingerprint, voice print, etc.)
- Photographic image
- Any other characteristic that could uniquely identify the individual
What Types of Text Messages are HIPAA Compliant?
HIPAA rules apply only when the text message content includes PHI, HIPAA identifiers. Your medical office can send SMS text messages to patients to reduce no-shows with appointment reminders and save time with repetitive tasks that require hours of phone calls with quick text messages. Below are some types of text messages that you can send without violating the HIPAA.
HIPAA Compliant Text Messages
- Any text messages that does not contain PHI and HIPAA identifiers
- Information about the doctor’s office
- Appointment Reminder Alerts
- Appointment Confirmations
- Appointment Cancelations
- Staff Communication
- Prescription Reminders
- Patient Information
Ready to Start Texting With Patients?
Text messaging for medical & health care is one of the most important things that medical providers should look out for, as many people prefer responding to text messages rather than answering long and sometimes awkward phone calls.
With our 14-day trial, you can try landline text messaging for medical & healthcare for free. You'll be able to send and receive text messages from anywhere in the world using our website and mobile applications.
