Contact Us
Subscribe to this blog via RSS
Join us on LinkedInCategories
- Medical Spas
- medical billing
- No Surprises Act
- Mandatory vaccination policies
- Workplace health
- Coronavirus Aid, Relief and Economic Security Act
- Code Enforcement
- Department of Labor ("DOL")
- Employment Law
- FFCRA
- CARES Act
- Nursing Home Reform Act
- COVID-19
- Families First Coronavirus Response Act
- Family and Medical Leave Act (“FMLA”)
- SB 150
- Acute Care Beds
- Clinical Support
- Coronavirus
- Emergency Medical Services
- Emergency Preparedness
- KBML
- medication assisted therapy
- Department of Health and Human Services
- Legislative Developments
- Corporate
- United States Department of Justice ("DOJ")
- Employee Contracts
- Non-Compete Agreement
- Opioid Epidemic
- Sexual Harassment
- Health Resource and Services Administration
- Litigation
- Medical Malpractice
- House Bill 333
- Senate Bill 79
- locum tenens
- Senate Bill 4
- Physician Prescribing Authority
- Chronic Pain Management
- HIPAA
- Prescription Drugs
- "Two Midnights Rule"
- 340B Program
- EHR Systems
- Hospice
- ICD-10
- Kentucky minimum wage
- Minimum wage
- Primary Care Physicians ("PCPs")
- Skilled Nursing Facilities (“SNFs”)
- Uncategorized
- Drug Screening
- Electronic Health Records (“EHR")
- HIPAA Risk Assessment
- KASPER
- Mental Health Care
- Office for Civil Rights ("OCR")
- Urinalysis
- Affordable Insurance Exchanges
- Certificate of Need ("CON")
- Compliance
- Department of Health and Human Services (HHS)
- Federally Qualified Health Centers (“FQHCs”)
- Fraud
- Health Care Fraud
- HPSA
- Kentucky Board of Medical Licensure
- Kentucky’s Department for Medicaid Services
- Office of Inspector General of the United States Department of Health and Human Services (OIG)
- Pharmacists
- Physician Assistants
- Qui Tam
- Rural Health Centers (“RHCs”)
- Stark Laws
- Telehealth
- Accountable Care Organizations (“ACO”)
- Affordable Care Act
- Alternative Payment Models
- Anti-Kickback Statute
- Centers for Medicare & Medicaid Services (“CMS”)
- Charitable Hospitals
- Data Breach
- Electronic Protected Health Information (ePHI)
- False Claims Act
- Fee for Service
- Health Information Technology for Economic and Clinical Health Act (HITECH Act)
- Health Insurance Portability and Accountability Act of 1996 (HIPAA)
- Health Professional Shortage Area ("HPSA")
- Hospitals
- HRSA
- Limited Services Clinics
- Medicaid
- Medical Staff By-Laws
- Medically Underserved Area ("MUA")
- Medicare
- Mid-Level Practitioners
- Part D
- Patient Protection and Affordable Care Act (“ACA”)
- Rural Health Clinic
- American Telemedicine Association (“ATA”)
- Criminal Division of the Department of Justice (“DOJ”)
- Health Care Fraud Prevention and Enforcement Action Team (“HEAT”)
- Hydrocodone
- Kentucky Board of Nursing
- Kentucky Pharmacists Association
- Qualified Health Care Centers (“FQHC”)
- Telemedicine
- APRNs
- United States ex. Rel. Kane v. Continuum Health Partners
- Webinar
- Agreed Order
- Chain and Organization System (“PECOS”)
- Chiropractic services
- Clinical Laboratory Improvement Amendments of 1988 (“CLIA”)
- Douglas v. Independent Living Center of Southern California
- Drug Enforcement Agency ("DEA")
- Emergency Rooms
- Enrollment
- Hinchy v. Walgreen Co.
- Jimmo v. Sebelius
- Kentucky Senate Bill 7
- Maintenance Standard
- Medicare Part D
- Minors
- Ophthalmological services
- Overpayments
- Physician Compare website
- Re-validation
- Texting
- Vitas Innovative Hospice Care
- 2014 Medicare Physician Fee Schedule (“PFS”)
- 501(c)(3)
- All-Payer Claims Database ("APCD")
- Appeal
- Chronic Care Management
- Compliance Officer
- Compounding
- CPR
- Dispenser
- Drug Quality and Security Act (“DQSA”)
- Essential Health Benefits
- HealthCare.gov
- House Bill 3204
- ICD-9
- Kindred v. Cherolis
- Long-term care communities
- National Drug Code ("NDC")
- New England Compounding Center ("NECC")
- Outsourcing facility
- Ping v. Beverly Enterprises
- Power of Attorney ("POA")
- Prescriber
- State Health Plan
- Sustainable Growth Rate (“SGR”)
- "Plan of Correction"
- Affinity Health Plan
- Arbitration
- Cadillac tax
- Centers for Disease Control and Prevention
- Community health needs assessment (“CHNA”)
- Condition of Participation ("CoP")
- Daycare centers
- Denied Claims
- Department of Medicaid Services’ (“DMS”)
- Division of Regulated Child Care
- Employer Mandate
- Federation of State Medical Boards (“FSMB”)
- Food and Drug Administratio
- Form 4720
- Grace Period
- Health Professional Shortage Areas (“HPSA”)
- Home Health Prospective Payment System
- Home Medical Equipment Providers
- Hospitalists
- Individual mandate
- Inpatient Care
- Intermediate Sanctions Agreement
- Kentucky Health Benefit Exchange
- Kentucky Medical Practice Act
- Kynect
- Licensure Requirements
- LLC v. Sutter
- Long-Term Care Providers ("LTC")
- Low-utilization payment adjustment ("LUPA")
- Medicare Shared Saving Program (MSSP)
- Mobile medical applications ("apps")
- Model Policy for the Appropriate Use of Social Media and Social Networking in Medical Practice (“Model Policy”)
- National Institutes of Health
- Network provider agreement
- Nonprofit hospitals
- Nonroutine medical supplies conversion factor (“NRS”)
- Payors
- Personal Service Entities
- Physician Payments
- Physician Recruitment
- Physician shortages
- Qualified Health Plan ("QHP")
- Quality reporting
- Residency Programs
- Social Media
- Spousal coverage
- Statement of Deficiency ("SOD")
- Upcoding
- UPS
- “Superuser”
- Advanced Practice Registered Nurses
- Audit
- Autism/ASD
- Business Associate Agreements
- Business Associates
- Call Coverage
- Decertification
- Doe v. Guthrie Clinic
- EHR vendor
- Employer Group Health Plans
- ERISA
- Fair Labor Standards Act (FLSA)
- False Billings
- Group Purchasing Organizations ("GPO")
- Health Reform
- House Bill 104
- Kentucky House Bill 159
- Kentucky House Bill 217
- Licensed practical nurses (LPN)
- List of Excluded Individuals and Entities
- Meaningful use incentives
- Medicare Administrative Coordinators
- Medicare Benefit Policy Manual
- Nurse practitioners (NP)
- Office of the National Coordinator for Health Information Technology (“ONC”)
- Part A
- Part B
- Patient Autonomy
- Patient Privacy
- Personal Health Information
- Provider Self Disclosure Protocol
- Registered nurses (RN)
- Self-Disclosure Protocol
- Senate Bill 39
- Senate Finance Committee Report
- State Medicaid Expansion
- Trade Association Group Coverage
- Center for Disease Control
- Compliance Programs
- Critical Access Hospitals (“CAHs”)
- Essential Health Benefits (“EHBs”)
- Genetic Information Nondiscrimination Act ("GINA")
- Healthcare Information and Management Systems Society (HIMSS)
- Kentucky Primary Care Centers (“PCCs”)
- Managed Care Organizations (“MCOs”)
- Medicare Audit Improvement Act of 2012
- Recovery Audit Contractors (“RAC”)
- Small Business Health Options Program (“SHOP”)
- Sunshine Act
- Abuse and Waste
- Consumer Operated and Oriented Plan programs (“CO-OPS”)
- Free Conference Committee Report
- House Bill 1
- House Bill 4
- Kentucky Cabinet for Health and Family Services
- Kentucky Health Care Co-Op
- Kentucky Health Cooperative (“KYHC”)
- Kentucky “Pill Mill Bill”
- Occupational Safety and Health Administration (“OSHA”)
- Pain Management Facilities
- Employee Agreement
- Health Care Fraud and Abuse Control Program
- Health Insurance
- Healthcare Regulation
- Health Care Law
McBrayer Blogs
Secure Text Messaging in a HIPAA World?
Texting is becoming an increasingly acceptable form of communication in the business world, but can it be relied upon in the health care industry? There are numerous advantages to texting in the fast-paced world of health care. In an environment where time is of the essence, voicemails and pagers can slow down providers’ care and fail to convey adequate information. A text, on the other hand, is both immediate and can be detail-specific. In addition, texting can involve more than one sender and/or receiver in a closed-loop conversation, and, unlike through the paging system, a sender can be notified when the message has been read by the receiver(s). Text messaging can not only improve an entity’s efficiency, but it can also serve as a way to easily connect with patients, thereby improving quality of care.
With every rose, however, there is a thorn. And texting’s thorn is the threat of HIPAA violations when transmitting protected health information (PHI). HIPAA does not expressly prohibit texting to communicate health information, but it does require a system of physical, administrative, and technological safeguards that ensure the privacy and security of PHI communicated through texts. In other words, texting can be an acceptable form of communication between providers (and even providers and their patients), but only if appropriate precautions are taken.
Traditional SMS text messages (the kind sent from one mobile device to another) are generally unsecure for numerous reasons:
- They lack encryption;
- It is easy to send a text to an unintended recipient (i.e., wrong number);
- Wireless carriers may retain message and usage data on their servers;
- Because text messages are sent and received in “plain text”, they may be intercepted and read by third parties;
- Phones containing stored messages may be lost or stolen.
Realizing the risks that traditional text messaging presents in the health care setting, some companies have created so-called “HIPAA-compliant,” secure text messaging applications. Doc Halo, TigerText, and Sprint Enterprise Messenger are just a few examples. Promoting these apps as “HIPAA-compliant” is a dangerous assertion because, as noted above, HIPAA compliance is a system of safeguards – not one feature of a particular app or device. If covered entities do approve staff and provider text messaging (whether internally, with patients, or both), the risks must be considered as part of the organization’s HIPAA compliance analysis. Check back on Thursday for more information on how to evaluate the pros and cons of texting in the health care industry.
Services may be performed by others.
This article does not constitute legal advice.
