As a direct medical malpractice insurance representative to the nation’s largest physician owned medical malpractice insurance carrier, one of the many benefits is their wealth of resources. Last night I experienced an example of those many resources as I attended (well, actually our agency – The Doctors of Northern California Insurance Agency hosed a continuing medical education event in Walnut Creek.
Dana Faber, one of our patient safety experts presented claims in Plastic Surgery. During an interactive presentation, she shared some of the findings of several plastic surgery claims studied recently by our panel of expert claims reviewers. One of the goals of the claims review panels is to share information about what elements of the surgery, consultation, service, communication, documentation, follow up, etc could have been handled differently and then, importantly to share them.
Similarly, our expert Patient Safety Team recently studied the tendency, temptation, trend of texting in the medical profession.
As the first medical professional liability insurer to establish a patient safety department, The Doctors Company remains the leader in developing innovative tools that can help you reduce risk and keep your patients safe.
Texting is instantaneous, convenient, and direct. However, texting can introduce some hazards….some inherent risk of confidentiality breach texting can lead to violations of the Health Insurance Portability and Accountability Act (HIPAA).
Here is what The Doctors’ Company recommends as safeguards against HIPAA violations.
Safeguard against HIPAA violations.
Text messages among colleagues should be encrypted and exchanged in a closed, secure network.
However, according to a member survey conducted by the College of Healthcare Information Management Executives, 96.7 percent of those surveyed allowed physicians to text, and 57.6 percent of those surveyed did not use encryption software. The underlying reasons for poor compliance with encryption could be due to lack of technical knowledge or to avoid the inconvenience of sending a message to someone who may not be able to unencrypted it.
With penalties starting at $50,000 per HIPAA violation, safeguarding texts should be of utmost priority. In addition to encrypting texts, consider installing autolock and remote wiping programs. Autolock will lock the device when it is not in use, and it requires a password to unlock it. Wiping programs can erase data, texts, and e-mail remotely. Both types of safeguards provide additional protection in the event a device is lost or stolen.
The Joint Commission has determined that texting does not take the place of writing an order, directing care, prescribing medications;
Texting is too informal to properly document a back and forth exchange,
The mode of communication leads to the use of abbreviations and can lead to misunderstandings. The data texted is never fully deletable, which can be produced at trial and reflect poorly on the physician’s professional judgment.
If text messages are encrypted, the physicians inclined to use this can continue.
Encrypt your mobile device; have a policy that outlines the acceptable text communication information and scenarios, report any incidents of lost data or breach immediately, install remote wiping so that a lost device can be cleaned.
Further steps to take include the following:
- Know your recipient, and double check the “send” field to prevent sending confidential information to the wrong person.
- Avoid identifying patient details in texts.
- Assume that your text can be viewed by anyone in close proximity to you.
Texting is new technology,
And like imaging and telemedicine it will improve the delivery of healthcare and the communication between physicians’ their nurses, staff, colleagues and patients,
And, during this innovative, developing time when these tools are still developing right before our eyes and the use of them varies so widely, please use The Doctors Company Patient Safety Department to assist you in implementing and understanding proper use so that you do not open yourself up to the first party liability of data breach.