Update on Texting Patient Orders


The Joint Commission (TJC) has concluded that it is not acceptable to use secure text messaging for patient care orders. Industry experts weighed in on the pros and cons of implementing secure text orders, and the impact on patient safety remained unclear. Therefore, TJC and the Centers for Medicare and Medicaid Services (CMS) were both opposed to this practice. Their three main reasons were:

1. Texted orders would require nurses to manually transcribe them into the electronic health record (EHR) system, creating a burden that may harm their ability to care for patients.

2. Whereas verbal orders allow for real-time clarification, texted orders create an additional communication step that may make clarification more difficult.

3. If a clinical decision support recommendation or alert is triggered during order entry, a person manually entering a text order into the EHR would have to contact the ordering practitioner through an additional step, resulting in delayed treatment.

Secure texting can be HIPAA-compliant, as long as you have appropriate safeguards, policies and procedures, and properly trained staff. However, if you are subject to TJC accreditation or seeking it, you cannot text patient care orders. TJC and CMS will provide future guidance as needed on this issue.

Need more help? Grab our PHI Decision Tree!

This simple cheat sheet makes it easy to recognize every time you’re interacting with protected health information.

Request A HIPAAtrek Demo

HIPAAtrek User
Compliance is complicated. Your compliance software doesn’t have to be. Schedule your demo today!

You Might Also Like

Double Extortion: What It Is, and How You Can Prevent It

If organizations refuse to pay their ransom, attackers are threatening to release the data publicly. This will of course include sensitive information and PHI. Before Double Extortion, we assumed that hackers could not actually access our data and were only with-holding it from victims to disrupt the ability to continue their work. Now we know they can extract this information and publish it online, breaching our patient’s security.

Read More »