I am studying for the nursing exam, and part of that is getting an understanding of HIPAA, especially patient records confidentiality.
From what I understand, Doctors, Nurses and Hospitals can send any patient information such as discharge or admission times, and certainly not any information about their medical issues, through a non-HIPAA compliant system.
Text messages between patient and doctors are a good example of this, since the data can be intercepted, or the information is stored on the phone and loosing the phone would be a breech of patient confidentiality.
Yet, I see it all the time in hospital and doctor’s offices, and I have received texts from doctors with confidential patient information.
As I was looking into this issue, I found that Tigertext.com provides a HIPAA compliant text messaging system that meets HIPAA rules, since the text messages self delete from the phone after they are read.
So, my questions are:
- What is the penalty for breeching patient confidentially by sending normal text messages?
- Tigertext cost $10 a month, which is very affordable, but should the hospital provide it to it’s staff, or should the doctors and nurses get it individually?
- Will a hospital be HIPAA compliant if it doesn’t provide it for it’s staff?
The HIPAA Security rules are here: