The Joint Commission, which accredits hospitals and other health care organizations, recently announced it will not permit hospitals and other health care organizations to use secure text messaging platforms to transmit orders. The announcement is the most recent in a back-and-forth series of guidance statements regarding the use of secure messaging in hospitals and other health care organizations.

In a 2011 FAQ, the Joint Commission stated it was not acceptable for physicians or licensed independent practitioners to text orders for patient care, treatment, or services to hospitals or other health care settings. The Joint Commission reversed its position in May 2016, stating providers could “text orders as long as a secure text messaging platform is used and the required components of an order are included.” The Joint Commission credited the evolution of health care communications technology as part of the reason for its decision to reexamine and allow provider text messaging. Then, in July 2016, the Joint Commission “hit unsubscribe” on its guidance and delayed the use of text messaging until it had time to further consider the clinical and operational implications.

During that period, the Joint Commission worked with the Centers for Medicare & Medicaid Services (“CMS”) to develop guidelines for text-message-based orders to ensure consistency with the Medicare’s Conditions of Participation. As a result of this collaboration, The Joint Commission and CMS developed a set of recommendations contained in its new clarification on the use of messaging for patient care orders. The guidance is summarized as follows:

  1. All health care organizations should have policies prohibiting the use of unsecured text messaging – that is, short message service (“SMS”) text messaging from a personal mobile device – for communicating protected health information.
  2. Computerized provider order entry (“CPOE”) should be the preferred method for submitting orders, as it allows providers to directly enter orders into the electronic health record.
  3. In the event that a CPOE or written order cannot be submitted, a verbal order is acceptable.
  4. The use of secure text orders is not permitted at this time.

The Joint Commission mentioned a few interesting factors that influenced this decision. In particular, the focus was on the technical capabilities of the modality of the communication. It noted that secure text messaging of an order is an asynchronous interaction, whereas a verbal order allows for a real-time, synchronous clarification and confirmation of the order with the ordering practitioner. Similarly, if a clinical decision support recommendation or other alert is triggered during the order entry process, the individual entering the order may need to contact the ordering practitioner for additional information. When this type of alert is triggered during the entry of a verbal order, the entering practitioner can immediately discuss the issue with the ordering practitioner. However, if this occurs with a text order, the delay in communication between the entering practitioner and the ordering practitioner may cause a delay in treatment.

Many of the Joint Commission’s data privacy and security concerns had been addressed through recent technological developments in the health care application space. Despite these advancements, the Joint Commission remains concerned about transmitting text orders even through a secure text messaging system due to the unknown impact of secure text orders on patient safety. The Joint Commission will continue to monitor advancements in the field, and will determine whether future guidance on the use of secure text messaging is warranted.

Secure text messaging may be a convenient mode of communication for practitioners, but this recent guidance indicates that the Joint Commission and CMS do not approve of this use at hospitals or other health care organizations. Health care organizations should update their policies and procedures to ensure that text messaging in any form (secured or unsecured) is not permitted within the organization.