Get Demo
Get Demo

CMS Texting Update 2024: HIPAA-Compliant Texting of Patient Orders is Now Permissible

Are Clinical Texts Acceptable CMS Weighs in - vortexconsultings.com

The Evolving Role of Texting in Clinical Communication and Medical Records

We all do it. Unless one is physically impaired or entirely disconnected from modern society say, residing off the grid in the Alaskan wilderness most adults will, at some point during the year, engage in text-based communication. For many, it has become an integral part of daily life. In the 1970s, Brownsville Station surged to fame with their anthem “Smoking in the Boys’ Room,” a fiery celebration of teenage defiance. Fast-forward to the 2020s, and that same room is more likely to echo with the silent tapping of thumbs on a smartphone screen.

It’s fascinating to observe the evolution of written communication over the years, isn’t it? From the era of carrier pigeons and mounted couriers to the digital swiftness of email and, now, terse missives tapped out on handheld devices. What’s more, many individuals have embraced a text-based shorthand, filled with abbreviations and a certain disregard for grammar, punctuation, and syntactic decorum. In light of this cultural shift, a critical question arises: is it appropriate for healthcare professionals to rely on texting for clinical communication? Earlier this year, the U.S. government sought to address that very issue.

On February 8, 2024, the Director of the Quality, Safety, and Oversight Group (QSOG) a subdivision within the Department of Health and Human Services (HHS) issued a formal memorandum to directors of state survey agencies. The directive, effective within 30 days, was entitled: “Texting of Patient Information and Orders for Hospitals and CAHs.” In this memo, QSOG Director David R. Wright outlined the department’s stance on the legitimacy of employing text messaging within the clinical setting.

Previous Guidance

Director Wright began by referencing a 2018 CMS memorandum titled “Texting of Patient Information among Healthcare Providers in Hospitals and Critical Access Hospitals (CAHs).” That document acknowledged the increasing indispensability of texting among hospital care teams but clarified that transmitting patient orders via text was noncompliant with Medicare’s Conditions of Participation (CoPs). The CMS raised valid concerns about data retention, confidentiality, system integrity, and patient privacy.

At the time of the 2018 directive, few hospitals or CAHs possessed secure messaging platforms capable of integrating text messages into electronic health records (EHRs). Since then, however, technological advancements have considerably altered the landscape.

Updated Guidance 

The Conditions of Participation relating to medical records for hospitals and CAHs are codified in 42 CFR 482.24 and 485.638, respectively. These regulations stipulate that both inpatient and outpatient records must be precisely documented, promptly finalized, properly stored, and readily accessible. Additionally, hospitals are required to implement systems ensuring author identification and record integrity while safeguarding the security of all entries.

The February 2024 guidance emphasizes that the federal regulations do not prescribe a specific method for compliance opening the door for modern technologies to be evaluated anew. As a result, QSOG is tasked with reassessing whether contemporary secure texting platforms may now satisfy regulatory expectations.

While computerized provider order entry (CPOE) remains the gold standard for entering orders, Director Wright acknowledges that alternatives have emerged. The agency further recognizes the considerable improvements in encryption and application interface capabilities that allow seamless data transfer into EHRs.

Historically, CMS has maintained that orders should be input either manually or through CPOE to ensure proper dating, timing, authentication, and immediate inclusion in the medical record. However, the latest QSOG memorandum concedes that texting under specific conditions could now form part of the official documentation process. The key passage reads:

To meet the CoPs, all healthcare providers must implement and maintain secure, encrypted systems or platforms that preserve the integrity of author identification and protect patient privacy and confidentiality, in full alignment with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Furthermore, providers must establish robust procedures to routinely evaluate the security and integrity of these messaging platforms to prevent adverse outcomes that could jeopardize patient care. The CMS expects any provider incorporating texting into the clinical record-keeping process to utilize a platform compliant with HIPAA’s Security Rule, the HITECH Act Amendment, and the applicable CoPs.

In short, the permissibility of texting hinges entirely on whether a facility possesses the infrastructure to comply with federal privacy, security, and documentation requirements.

Operational Implications

To better comprehend the real-world impact of these guidelines, we can look to the Joint Commission widely regarded as the foremost authority in hospital accreditation. In its published FAQs, the Commission makes the following assertion:

Healthcare organizations that adopt a secure texting platform (STP) may exchange patient care information and orders among team members. While CPOE remains the preferred method for order entry, the transmission of orders via STP is allowed—provided that the system can integrate the data into the EHR.

Before allowing clinical texting, however, several prerequisites must be met:

  • The STP must comply with the HIPAA Security Rule, the HITECH Act Amendment (2021), and CMS Conditions of Participation related to medical records. This includes ensuring encryption, author authentication, and protection of patient confidentiality.
  • The healthcare organization must implement policies and procedures for continuous evaluation of the STP’s security and functionality.
  • Orders sent through STP must be dated, time-stamped, authenticated, and promptly added to the medical record.
  • The transferred information must be accurately documented, finalized in a timely manner, appropriately archived, and easily accessible.

Texting is now deeply embedded in our communication fabric. Its ubiquity ensures that medical professionals—like everyone else—will naturally gravitate toward using their phones for rapid information sharing. However, if healthcare providers choose to engage in such practices, they must do so in strict accordance with the regulatory safeguards established by the federal government and its accrediting bodies.

Leave a Comment

Your email address will not be published. Required fields are marked *

About us:

Vortex Medical Billing stands out as a premier provider of medical billing services, catering to healthcare practitioners, individual practices, physician groups, and hospitals.

Services

Newsletter

Follow Us

Contact Us

© 2024 Silicon Tech Services. All rights reserved. Vortex Consultings is a subsidiary of Silicon Tech Services.