HealthBlawg

David Harlow's Health Care Law Blog

    • Twitter
    • Facebook
    • LinkedIn
    • RSS
    • Email
  • About
  • Archives
  • Podcast
  • Press
  • Awards/Reviews
  • HIPAA
  • HCSM

Texting patient information – The latest from CMS

January 9, 2018

CMS has a communications problem. Together with the Joint Commission, CMS issued joint guidance on the use of SMS messaging for clinical communications just over a year ago. Last month, the Health Care Compliance Association published a story stating that CMS had sent emails to two different hospitals stating that text messaging (including secure messaging services) is verboten. The apoplectic response of the regulated community and commentariat to the off-message message conveyed via email moved CMS to issue an official statement more in line with the joint communiqué of December 2016.

Fear not, gentle reader. We are now back to the status quo ante, at least with respect to the question of whether and how texting may be used in hospitals subject to the Medicare Conditions of Participation (i.e., most hospitals). CMS’s Survey and Certification Group published a memo sent to all state survey agency directors at the end of December regarding Texting of Patient Information among Healthcare Providers.

The problems with unencrypted texting are threefold from the CoP perspective:

  • Medical records (accurate, properly maintained, accessible, authenticated, secure) must be retained for five years
  • Patient records must be kept confidential
  • Orders are to be entered into a medical record by hand or via CPOE (CPOE, unlike texting, is permitted because it is set up to auto-download into the EHR, with date, time and authentication taken care of)

The CMS summation:

CMS recognizes that the use of texting as a means of communication with other members of the healthcare team has become an essential and valuable means of communication among the team members. In order to be compliant with the CoPs or CfCs [Conditions for Coverage], all providers must utilize and maintain systems/platforms that are secure, encrypted, and minimize the risks to patient privacy and confidentiality as per HIPAA regulations and the CoPs or CfCs. It is expected that providers/organizations will implement procedures/processes that routinely assess the security and integrity of the texting systems/platforms that are being utilized, in order to avoid negative outcomes that could compromise the care of patients.

Bottom line: Communication among team members via text message could be OK (as long as it’s secure), but orders must be communicated via CPOE.

So, when you’re shopping for your next CPOE tool, remember this: Any smartphone-based tool for CPOE must meet the CMS requirements outlined above as well as all HIPAA requirements.

This is clear . . . until the next clarification comes along. Other provider types are left to reason by analogy.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting

Filed Under: CMS, Compliance, Digital Health, Health care policy, Health Law, HHS, HIPAA, HIT, Hospitals, Medicare, Physicians, Privacy, Security

you might also like:

  1. Joint Commission: The Latest on Text Messaging Patient Care Orders

  2. The latest on never events and HAI from CMS, Leapfrog and MA DPH

  3. IDTF requirements tightened up in latest CMS transmittal — and then dropped

« Cindy Friend, Caradigm and Population Health – Harlow on Healthcare
Rasu Shrestha, UPMC and Healthcare Innovation – Harlow On Healthcare »

Trackbacks

  1. Texting Patient Information – The Latest from CMS - HIE Answers says:
    January 16, 2018 at 7:12 am

    […] article was originally published on HealthBlawg and is republished here with […]

Follow me on Twitter

David Harlow 💉😷 Follow 42,908 17,568

Mastodon @healthblawg@c.im #HealthCare #MedDevice #Compliance #Privacy @MyOmnipod #HIPAA #digitalhealth #HarlowOnHC #pinksocks Tweets are tweets No more no less

healthblawg
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
4h 1620445622955278337

Moonshots — StartUp Health https://paper.li/healthblawg/1369855999?read=https%3A%2F%2Fwww.startuphealth.com%2Fmoonshots #hcldr

Reply on Twitter 1620445622955278337 Retweet on Twitter 1620445622955278337 0 Like on Twitter 1620445622955278337 0 Twitter 1620445622955278337
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
4h 1620445621772587008

Harlow on Health Care is out! #healthcare #hcldr #hcsm #HIT #healthreform #HIPAA

Image for twitter card

Moonshots — StartUp Health

startuphealth.com At StartUp Health, we invest in the most innovative health entrepreneurs in the world — our glob...

paper.li

Reply on Twitter 1620445621772587008 Retweet on Twitter 1620445621772587008 0 Like on Twitter 1620445621772587008 0 Twitter 1620445621772587008
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
4h 1620439418514333698

The latest Harlow On Health Care Daily #HarlowOnHC #digitalhealth #healthcare #innovation #privacy #hcldr Thx: @biomelb @SCMagazine @r2guidance #digitalhealth #healthcare

Image for twitter card

Why enterprises trust hardware-based security over quantum computing

venturebeat.com Quantum computing is being realized, but its limitations in cybersecurity are prompting organizations to ...

paper.li

Reply on Twitter 1620439418514333698 Retweet on Twitter 1620439418514333698 0 Like on Twitter 1620439418514333698 0 Twitter 1620439418514333698
Load More
Follow me on Mastodon

HIPAAtools

Hipaatools

The HIPAA Compliance Toolkit

The Walking Gallery

The Walking Gallery

Quick Links

  • Home
  • Categories
  • Archives
  • Podcast Interviews
  • HIPAAtools
  • HIPAA Compliance
  • Health Care Social Media
  • Speaking
  • In the Press
  • Blogroll

David Harlow

David Harlow

HealthcareNOW Radio

Connect with David

  • Twitter
  • Facebook
  • LinkedIn
  • RSS
  • Email
  • Subscribe
  • Contact
  • Book Me: Speaking
  • About
  • The Harlow Group LLC
Copyright © 2006–2023
HealthBlawg is a publication of The Harlow Group LLC. See Copyright notice and disclaimer.
Fair use with attribution and a link is encouraged. Click for more on David Harlow.
[footer_backtotop text="Back to top" href="#"]