CMS Issues New Guidance on Texting of Patient Information and Orders

Centers for Medicare & Medicaid Services (CMS) in its Feb. 8, 2024, memorandum, issued new guidance effective immediately for health care providers in hospitals and critical access hospitals (CAH) on texting patient information and orders:

• • Providers can text patient information and patient orders among members of their health care team if they use a HIPAA compliant secure texting platform (STP) and in compliance with the Conditions of Participation (CoPs).
  • Computerized Provider Order Entry (CPOE) continues to be the preferred method of order entry by a provider.

Previously, in its Jan. 5, 2018, memorandum, CMS had determined the practice of texting patient orders from a provider to a member of the care team would not be compliant with the CoPs, citing concerns with record retention, privacy, confidentiality, security and the integrity of existing systems at that time.

When CMS developed the 2018 guidance, hospitals and critical access hospitals did not have the ability to use secure texting platforms to incorporate text messages into the medical record. Since then, texting has become an important means of communication among providers while encryption and the interface between texting platforms allowing for data transfer into electronic medical records (EHR) have improved, according to CMS.

CMS advises for providers to comply with the CoPs, to:

• • Utilize and maintain systems/platforms that are secure and encrypted.
  • Ensure the integrity of author identification and minimize risks to patient privacy and confidentiality per HIPAA.
  • Implement procedures/processes that routinely assess the security and integrity of the texting systems/platforms to avoid negative outcomes.

Please contact Courtney Hurtig, Beau Haynes, Matthew Harrell or any member of the Phelps Health Care team if you have questions or need advice or guidance.