For an update to this article, please click here.
If your organization allows texting, consider recent CMS communications prohibiting all texting
Hall Render has become aware that the Centers for Medicare & Medicaid Services (“CMS”) has been communicating to hospitals that texting is unacceptable, even through secure text messaging applications, due to concerns about the privacy and security of protected health information (“PHI”) and how to record texts in a patient’s medical record pursuant to Medicare Conditions of Participation 42 C.F.R. § 482.24, which addresses requirements for the content, form and retention of medical records.
Many organizations have recognized the risks associated with sending text messages that contain PHI on unsecured, personal devices and implemented internal policies banning such behavior. Instead, many organizations rely on secure messaging applications through which text messages can be sent. However, not only has CMS indicated it believes that texting between unsecured devices is impermissible, CMS appears to have determined secure text messaging applications are unreliable and therefore the use of secure texting platforms is impermissible as well. For those health care entities that have attempted to improve patient care by investing in secure texting platforms for faster and easier communication among providers, a true prohibition on texting could hamper existing workflows.
This is not yet official CMS guidance, and Hall Render will be monitoring this for updates. However, in light of this CMS position, health care entities should consider reviewing existing mobile device and texting policies. They should also ensure that they are complying with Medicare Conditions of Participation by including all required documentation from text communications in the patient medical record.
For more information, please contact: