HIPAA and Physician Texting: Friend or Foe?Greg Garner
As physicians conduct business and see patients using smart technology, the window for physicians to violate the HIPAA laws is great. While using technology makes things much easier and physicians can converse back and forth with other physicians in an efficient manner, the lines become blurred when physicians converse on text messaging about a patient in an environment that could lead to a violation of PHI.
Texting and HIPAA
Physicians are required by law to preserve and protect the personal information of any patient. Although they can disclose certain things like payment, operations and certain information for treatment, HIPAA requires that there are rigid standards in the administrative, physical and technical safety protocols. With technology being so prevalent, physicians may be in consistent violation of HIPAA laws.
Anytime a physician leaves his device vulnerable with patient information on it for outsiders to see or access, there is a huge risk and implication that they are exposing PHI. How will they know whether or not someone has seen their device? Physicians need to employ features that will wipe the screen clean, or must have an automatic lock on the device to ensure there are no breaches. Even if someone saw patient information on the physician’s device by accident, it is still considered a HIPAA violation.
How to Prevent Physician Violations
Physicians must become proactive in protecting their devices to alleviate any potential breaches of PHI. Here are a few suggestions:
- Use password protection
Using a password on the device can help in protecting sensitive client information. Physicians who utilize programs where the password must be changed within a certain time period is useful in making sure no one will be able to access the password.
- Use an encryption software
Physicians using technological devices should be employing the use of encryption and decryption software to transmit messages to each other to protect patient information. This will be difficult for anyone to access this information and will keep them in HIPAA compliance.
- Get counsel
Getting the advice of a healthcare attorney can assist in putting protocols in place that will help alleviate the risk and chances of violating the HIPAA laws. An attorney can better understand the ramifications of a violation and will be able to properly advise the physician and their colleagues on what can and cannot be done.
- Use a secure network
Physicians should be cognizant of the network they are using with their devices. Extra precautions should be taken to eliminate using any open network where information on their devices can be compromised.
These are a few ways physicians can avoid exposing PHI and avoid HIPAA violations. Although there a number of security protocols that can be taken, the physician has to be proactive enough to determine whether or not the device they are using is secure enough to risk communicating patient information. Taking the time to integrate safety standards on their device can add an additional layer of protection for their patients and themselves.