Guiding Your Organization to Compliance Health and Keeping your Healthcare Data Private and Secure
CMS Clarifies Its Texting Rules for Healthcare Providers and Organizations
After a December 18, 2017 HCCA report that CMS had sent emails to at least two hospitals saying that even secure text messaging applications were not permitted, CMS recently clarified its position on texting for healthcare providers and organizations.
Pursuant to a December 28, 2017 letter, CMS explained that it "recognizes that the use of texting as a means of communication with other members of the healthcare team has become an essential and valuable means of communication among the team members."
The letter further stated that "in order to be compliant with the CoPs or CfCs, all providers must utilize and maintain systems/platforms that are secure, encrypted, and minimize the risks to patient privacy and confidentiality as per HIPAA regulations and the CoPs or CfCs. It is expected that providers/organizations will implement procedures/processes that routinely assess the security and integrity of the texting systems/platforms that are being utilized, in order to avoid negative outcomes that could compromise the care of patients.”
A copy of the CMS letter can be found here: https://www.cms.gov/Medicare/Provider-Enrollment-and-Certification/SurveyCertificationGenInfo/Downloads/Survey-and-Cert-Letter-18-10.pdf.