According a recent Johnson & Coker report, 80% of doctors use smartphones. In addition to making calls and using apps, docs are using their smartphones to take advantage of one of today’s most convenient forms of communication: the text message.
Unlike so much about healthcare – treatment plans, wait times, the reimbursement cycle – texting is quick. And for doctors, as for everyone with thumbs, texting offers a simple way to communicate that doesn’t require making a call, writing down a message, or listening to anything at all.
For physicians, though, texting’s advantages can also be its flaws. Quick and simple as it is, texting has become the easiest way for docs to violate privacy laws and make themselves vulnerable to data breaches. Since it poses such serious threats, is the convenience of texting even worth it for physicians?
It Makes Notification Easy…
When no protected health information (PHI) is involved, texting is harmless. And for the sake of garnering a busy doctor’s attention, texting’s immediacy is hard to beat.
It wasn’t all that long ago that many physicians had to be wired to pagers so that they could be contacted. In place of them, many hospitals and other health systems have built texting into their workflows.
A notification text along the lines of “Cardiac emergency, call 555-2820” doesn’t violate HIPAA. Additionally, a text like that communicates far more than a pager’s buzz and cryptic message system possibly could, and doesn’t require a physician to make a return call and count on some one to answer it just to learn the basics of a situation.
Plus, in spite of some very valid concerns about confidentiality, the argument can be made that a text message, since it can’t be overheard, is in some ways more private than a spoken phone call.
But the Pitfalls are Major
Yet the content of a spoken phone call doesn’t exist electronically once the call ends, which means it’s not subject to the legal rules governing “electronic exchanges,” as texts are. And even though a text message can’t be overheard, it is subject to being viewed by an onlooker with prying eyes.
Because docs are using texting to do much more than notify one another to make a call or come to an office, the threat of unauthorized eyes peeping those messages is a big one. One study says that 94 percent of physicians use smartphones to communicate, manage personal and business workflows, and access medical information – PHI that can be easily overseen in violation of the HIPAA Security Rule.
Plus the convenient, small size of smartphone technology makes he devices easily stolen or misplaced. If a phone full of PHI gets into the wrong hands, a doctor who hasn’t been taking the proper measures to secure his text messages could find himself in some very hot water.
Avoid Text Troubles by Using Caution
Despite its drawbacks, it’s nearly inevitable that physicians will use text messaging for their dealings as doctors because its become such an ingrained method of communication in their personal lives – just as it has for most everyone else these days.
To conduct the safest texting practices possible, physicians should avoid including PHI in their text messages whenever possible. Additionally, they should ensure that their phones are guardedwith adequate security measures.
All doctors should take basic protective precautions, including setting up password protection and deploying an app that gives them the ability to remotely lock and wipe a device in the event that it’s lost or stolen.
Some others, especially those physicians who are more prone to including PHI in their messages, should even consider using a secure encryption service. Companies like TigerText and Doximityprovide organizations with encrypted texting capabilities, though there is a snag: both the texter and the textee must be subscribed to the service or otherwise have the capability to unencrypt in order to send or receive a secure message.
Other ways to text smartly and securely: review the content and spelling of your messages before sending (especially if you’re communicating something medically serious), keep a close eye on the whereabouts of your device at all times, and frequently delete your message history.
A final best practice? When you can, avoid texting altogether and conduct a face-to-face conversation or a discreet, quiet phone call in a private space. Whether you discuss PHI or not, your voice something you won’t need to password-protect – or delete.
About Madelyn Young:
Madelyn Young is a Content Writer for CareCloud who specializes in covering practice management, medical billing, HIPAA 5010, ICD-10 and revenue cycle management. You can read her work on Power Your Practice and the CareCloud Blog. Contact Madelyn with story suggestions, contributor articles or any other feedback at madelyn@poweryourpractice.com.