There are limited circumstances in which HIPAA compliant text messaging is possible. Texting patient information among members of the healthcare team is permissible ONLY when accomplished through a secure platform and for facilitation of care team collaboration and patient care.
Permitted:
- Use WVUHS approved platforms for secure messaging (Epic Secure Chat, Zip IT and Spok Mobile).
- Immediately report all unencrypted text messages that are received or sent that contain any PHI to the Enterprise Privacy Director, the CISO or the WVUHS IT HelpDesk.
- Use Fuji’s Synapse VNA Connect Mobile and the Epic Mobile Applications Haiku, Canto or Rover when clinical images are being captured to become part of the legal medical record.
Not Permitted:
- Use text messaging applications not approved by WVUHS (such as SMS and iMessage) to send PHI, PII or sensitive information. Use of unapproved platforms is prohibited.
- Use Voice to Text applications, such as Siri, communicate any PHI, PII or confidential information. These are prohibited and not HIPAA compliant.
- Take screen shots, photographs or any replications of secure texts or images sent via Spok Mobile or Epic Secure Chat on an individual’s device (e.g., cannot take photographs of the secure message transmissions).
- Screen capture of share PHI, PII or confidential information with others not bound by WVUHS confidentiality agreements is strictly prohibited.
Please send any questions to WVUMNOPP@wvumedicine.org.