SMS Marketing

Are Text Message Appointment Reminders HIPAA Compliant?

text message appointment reminders

If you’re the owner or work at a medical office, text message appointment reminders are probably an invaluable tool for your practice. If you’re wondering if these text reminders comply with the Portability and Accountability Act (HIPAA), the answer is yes. However, there are certain steps you need to take in order to safeguard your patients’ privacy. In this article, we’ll go over those steps you need to take in order to text your patients safely.

At Trumpia, we provide text messaging for medical offices combining top-notch technology and strong compliance with texting laws and regulations. Trumpia also has a zero-tolerance policy against spam, and provides a wide range of resources to inform our users:

If you still have questions or concerns about how to comply with SMS regulations, call us at  1-888-707-3030.

text message appointment reminders

How to Send HIPAA Compliant Text Message Appointment Reminders

Text message appointment reminders are a form of ePHI and are contemplated by HIPAA. Since they’re closely tied to your patients’ treatments, you are permitted to send them without prior authorization. However, TCPA requires that you first gain permission from your patients to send those reminders. 

Here are three steps for you to send appointment reminders that comply with HIPAA:

Step 1: Know What to Show on Your Text Reminders

You need to be careful of the information you disclose on your appointment reminders. Be careful of what you show and don’t show on those messages. Providing certain information can be considered a violation of your client’s privacy.

Show

  • Patients first and last name.
  • Date and time of your appointment.
  • Provider’s first and last name.
  • Provider’s phone number.

Don’t Show

  • Test results.
  • The nature of your patient’s disease / condition.
  • Any treatment plans and/or diagnosis.

Step 2: Obtain Permission

You can request express written consent from your patients to receive your text message appointment reminders through online form submissions and SMS message replies. You should also make sure that your Notice of Privacy Practices (NPP) is available, updated, and easy to understand. 

The NPP provides information on how patients can opt in and out of your SMS appointment reminders. Many people don’t read it, so it is a good idea for you to offer an opt-out option on your text reminders. And even if they read it, you should prompt patients to regularly verify their contact information in your patient portal if your clinic or office provides such service.

Step 3: Control Access to PHI

HIPAA requires that you warn your patients in writing about the risk of sending Protected Health Information (PHI) through text messages. Healthcare providers are not supposed to send PHI information in text message appointment reminders, nor provide such information on patients’ portals. 

For that reason, it’s important for you to control access to PHI. To do that, you should:

  • Make sure all authorized users have a unique user identification at the moment of using a system that sends and receives text messages and contains PHI information.
  • Provide another layer of security to verify authorized users. Example: An additional one-time password.
  • Define who should have access to PHI, and in which specific emergency situations.
  • Make sure every user is logged out of the texting platform containing PHI after a certain period of inactivity.
  • In order to curb unauthorized access to PHI, any HIPAA-compliant text messages must be encrypted.

Bonus Step: Use The Right Texting Software

This step is not mandatory but it’ll definitely make your life easier. Partnering up with a solid texting software can save you time, give you incredible results and more importantly, provide peace of mind. Make sure your patients don’t miss any appointments and rest assured that those messages comply with SMS regulations!
Try Trumpia for 14 days for free and get all the benefits of a Premium Plan right from the beginning. No credit card required!