How to Be HIPAA Compliant While Texting

If your medical office uses texting as a mode of communication within the organization and with patients, it is important to take steps to incorporate secure text messaging into your practice’s communications in order to remain HIPAA compliant. 

  1. Use secure messaging which is encrypted instead of SMS (Short Message Service) which is not encrypted.
  2. Disable SMS (Short Message Service) preview on your device. If you do not have SMS preview disabled on your device, then others can view text messages on your device’s locked screen without authenticated or authorized access.
  3. Encrypt data in motion using a virtual private network (VPN) or a secure browser connection.

For more information about texting and HIPAA, including examples of HIPAA violations from unencrypted text messages, please click here.

For additional preventative measures you can take to reduce the likelihood of a HIPAA violation, download CAP’s guide The 6 Most Common HIPAA Violations.

Subscribe to Patient Safety Advocate
Patient Safety Advocate is a free bi-monthly newsletter created by CAP's risk management and patient safety experts, specifically for the independent medical practice.

This information should not be considered legal advice applicable to a specific situation. Legal guidance for individual matters should be obtained from a trained attorney.