Is texting HIPAA compliant?

Texting, or text messaging, is the act of composing and sending electronic messages between two or more mobile phones, or fixed or portable devices over a phone network. Text messages are usually brief, encompassing a limited number of characters, and are often used for quick, personal communication.

Screenshot of a text message on an iPhone

Texting in healthcare

In healthcare, texting can play a crucial role in enhancing communication and improving patient care. It can be used to send reminders for appointments, medication reminders, or to check in on a patient's health status. It can be used by healthcare teams to share quick updates or urgent information about patients.

Texting and HIPAA compliance

However, standard texting services provided by telecom carriers are typically not HIPAA compliant, primarily because they lack encryption for data in transit and at rest. In addition, most carriers will not sign a Business Associate Agreement (BAA), a requirement for HIPAA compliance. Therefore, healthcare providers are advised not to use regular texting services for transmitting any Protected Health Information (PHI). It's recommended to use a secure, HIPAA-compliant messaging app when dealing with PHI.

Staying HIPAA Compliant

Take a look at our ultimate guide to HIPAA compliant software and services for help selecting compliant service providers. Though careful vendor evaluation and selection is only one piece of the puzzle for maintaining HIPAA compliance. At TeachMeHIPAA, we offer an affordable HIPAA training solution to ensure your staff are knowledgeable in how to comply, and to help you meet your legally mandated HIPAA training requirement with ease. Learn more about our tips and tricks for maintaining compliance with our HIPAA compliance blog