Texting of Patient Information among Healthcare Providers
The Centers for Medicare and Medicaid Services (CMS) has issued a memorandum clarifying their position as it relates to texting.
Texting of Patient Orders is Prohibited Regardless of the Platform Utilized
CMS does not permit the texting of orders by physicians or other health care providers. The practice of texting orders from a provider to a member of the care team is not in compliance with the Conditions of Participation (CoPs) or Conditions for Coverage (CfCs). Computerized Provider Order Entry (CPOE) is the preferred method of order entry by a provider.
The following CMS hospital Condition of Participation for Medical Records requirements apply:
- §489.24(b) Standard: Form and retention of record. The hospital must maintain a medical record for each inpatient and outpatient. Medical records must be accurately written, promptly completed, properly filed and retained, and accessible. The hospital must use a system of author identification and record maintenance that ensures the integrity of the authentication and protects the security of all record entries.
- (1) Medical records must be retained in their original or legally reproduced form for a period of at least 5 years. And,
- (3) The hospital must have a procedure for ensuring the confidentiality of patient records. Information from or copies of records may be released only to authorized individuals, and the hospital must ensure that unauthorized individuals cannot gain access to or alter patient records. Original medical records must be released by the hospital only in accordance with Federal or State laws, court orders, or subpoenas.
- (4) All records must document the following, as appropriate:
- (i) Evidence of—
- (vi) All practitioners' orders, nursing notes, reports of treatment, medication records, radiology, and laboratory reports, and vital signs and other information necessary to monitor the patient's condition.
CMS does permit texting patient information among members of the health care team if accomplished through a secure platform.
- CMS recognizes that the use of texting as a means of communication with other members of the healthcare team has become an essential and valuable means of communication among the team members.
- In order to be compliant with the CoPs or CfCs, all providers must utilize and maintain systems/platforms that are secure, encrypted, and minimize the risks to patient privacy and confidentiality as per HIPAA regulations and the CoPs or CfCs.
- It is expected that providers/organizations will implement procedures/processes that routinely assess the security and integrity of the texting systems/platforms that are being utilized, to avoid negative outcomes that could compromise the care of patients.
Included with today’s notice are example policies related to the use of texting by healthcare providers.
Want to read the full alert and receive alert emails?