< Back to Publications & Resources
Open Bar: Guidance for Texting with Patients
By Elizabeth Ollinick, Esq.
MLMIC is thrilled to launch “Open Bar,” a monthly FAQ on trending issues in healthcare faced by MLMIC insureds throughout New York.
There are several perks available to MLMIC policyholders. One of them is access to MLMIC’s Legal Hotline. Our Legal Department is comprised of seasoned healthcare attorneys throughout the state. Our attorneys are here to provide information for our policyholders on an array of healthcare law topics.
Each month, MLMIC will share an FAQ on trending healthcare practice issues in New York.
Let’s take a look at June.
Question Presented: Should a provider use a personal phone to text patients, in consideration of the Health Insurance Portability and Accountability Act (HIPAA)?
Response: A provider should not use a personal phone to communicate with patients via text messaging without proper patient consent, which should be in writing. All messages should be included in the patient’s medical record.
In general, providers can use text messages to communicate with patients without violating HIPAA as long as:
- the messaging system complies with the Technical Safeguards of the HIPAA Security Rule; or
- the patient consents, in writing, to communicate via an unsecured messaging platform.
Text messaging from a personal phone (SMS messaging) is not a secure method of communication because unauthorized parties can intercept or access messages.
Opening the door to text messaging is risky because providers have no control over the security of the device from which patients send messages. As a result, providers who allow patients to communicate by text messaging should warn patients of the risks of communicating via unencrypted text messaging. The warning should be written, signed by the patient and maintained in the patient’s record.
In addition to technical safeguards, providers should:
- Ensure that all text messages are transferred to the medical record. If the messaging platform is not connected to the EHR, messages must be printed and added manually.
- Double check the “To” field to ensure private data is sent to the authorized person.
MLMIC policyholders can reach our healthcare attorneys for questions regarding HIPAA, communicating with patients or any other healthcare law inquiries by calling (800) 275-6564 Monday-Friday, 8am-6pm or by email here. Our 24/7 hotline is also available for urgent matters after hours at (844) 667-5291 or by emailing hotline@tmglawny.com.
If you are not already a MLMIC insured, learn more about us here.
This document is for general purposes only and should not be construed as medical or legal advice. This document is not comprehensive and does not cover all possible factual circumstances. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors for any questions related to legal, medical or professional obligations, the applicable state or federal laws or other professional questions.