If your medical office uses texting as a mode of communication within the organization and with patients, it is important to take steps to incorporate secure text messaging into your practice’s communications in order to remain HIPAA compliant.
- Use secure messaging which is encrypted instead of SMS (Short Message Service) which is not encrypted.
- Disable SMS (Short Message Service) preview on your device. If you do not have SMS preview disabled on your device, then others can view text messages on your device’s locked screen without authenticated or authorized access.
- Encrypt data in motion using a virtual private network (VPN) or a secure browser connection.
For more information about texting and HIPAA, including examples of HIPAA violations from unencrypted text messages, please click here.
For additional preventative measures you can take to reduce the likelihood of a HIPAA violation, download CAP’s guide The 6 Most Common HIPAA Violations.
This information should not be considered legal advice applicable to a specific situation. Legal guidance for individual matters should be obtained from a trained attorney.