In the Joint Commission Perspectives May 2016 edition, the Commission reversed its 2011 position prohibiting clinician texting of patient orders within accredited health care institutions, stating technological advancements now allow for secure transmission. The Joint Commission first issued its ban in 2011 by posting an often overlooked response to the frequently asked question regarding the by then ubiquitous communication tool: “[I]t is not acceptable for physicians or licensed independent practitioners to text orders for patients to the hospital or other healthcare setting. This method provides no ability to verify the identity of the person sending the text and there is no way to keep the original message as validation of what is entered into the medical record.”

While the Commission did not have a specific policy against electronic communications, its FAQ response highlighted concerns surrounding texting’s privacy, security, reliability and record retention shortcomings. Following FAQ response’s posting, institutions accredited by the Commission were expected to comply with the texting ban on clinical orders. However, recent studies have shown that permitting the texting of orders within health systems could significantly increase hospital efficiencies and reduce the length of patient stays.

Noting increased security functionalities, the Commission stated its previous concerns could be satisfactorily addressed, even when clinicians sent messages from their personal devices. Therefore, clinicians practicing within accredited institutions may now send orders for patient care, treatment, and services via text message if certain criteria are satisfied. In particular, texting is only permitted through a secure text messaging platform comprising the following features:

  • Secure sign-on process
  • Encrypted messaging
  • Delivery and read receipts
  • Date and time stamp
  • Customized message retention time frames
  • Specified contact list for individuals authorized to receive and record orders

In addition, institutions allowing text orders must comply with Medication Management Standard MM.04.01.01; implement policies and procedures for text orders specifying how text messaging will be dated, timed, confirmed, and authenticated by the ordering clinician; and ensure that text orders are properly documented in the patient’s medical record.In the wake of several security attacks on hospitals and other health care providers, this action by the Joint Commission shows that while security threats may persist, standards and rule-setting organizations are willing to incorporate technology into established health care workflows if those entities take a proactive and reasoned security approach.

Institutions are further advised to: (i) develop an attestation documenting the capabilities of their secure text messaging platform, (ii) define when text orders are appropriate, (iii) monitor how frequently texting is used for orders, (iv) assess compliance with texting policies and procedures, (v) develop a risk management strategy and perform a risk assessment, and (vi) conduct training for staff, licensed independent practitioners, and other practitioners on applicable policies and procedures. The Commission further directed institutions to consult the Office of the National Coordinator for Health Information Technology’s (ONC) guidance on mobile device security and Managing Mobile Devices in Your Health Care Organization.

In the wake of several security attacks on hospitals and other health care providers, this action by the Joint Commission shows that while security threats may persist, standards and rule-setting organizations are willing to incorporate technology into established health care workflows if those entities take a proactive and reasoned security approach.