CMS has issued a memorandum clarifying its position on texting and recognizing that the use of texting has become an essential and valuable means of communication between health care team members. The takeaways from the memorandum are as follows:
-
All healthcare providers:
-
Texting patient information between a patient’s health care team members is permissible (if accomplished through a secure platform). Note that the disclosure of information must still meet the minimum necessary standard under HIPAA.
-
Hospitals:
-
Texting of patient orders is prohibited, under 42 CFR 489.24(b) which requires that hospitals confidentially maintain medical records for inpatients and outpatients and subsection (c) which requires that the medical record include patient orders. Computerized Provider Order Entry (CPOE) is the preferred method of order entry by a provider.
The memorandum appears to have been issued in response to the Health Care Compliance Association’s Report on Medicare Compliance, which raised concerns about CMS’s no texting policy. The report states that last year CMS sent emails to at least two hospitals stating that texting of patient information is not permitted – even when the texts are sent through a secure text messaging application. In these letters, CMS cited concerns about privacy, security, and the integrity of medical records.
CMS’s texting policy now mirrors the Joint Commission’s stance on the subject.