In the May 2016 edition of Perspectives, The Joint Commission announced the end of its ban on sending patient care orders by text message effective immediately for all accreditation programs.

In 2011, The Joint Commission published a set of Frequently Asked Questions (“FAQs”) prohibiting physicians or licensed independent practitioners from texting orders for patient care to the hospital or other health care setting. The Joint Commission was concerned with the security measures of technology at that time. The prime concern was the inability to verify the identity of the person sending the text and the inability to retain the original message as validation of what was entered into the medical record. The Joint Commission now believes that current technology platforms are adequate to support the use of text messaged orders.

Health care organizations may allow orders to be transmitted through text message provided they use a securing messaging platform that includes:

  • A secure sign-on process;
  • Encrypted messaging;
  • Delivery and read receipts;
  • A date and time stamp;
  • Customized message retention time frames; and
  • A specified contact list for individuals authorized to receive and record orders.

Texting orders must still comply with the requirements of the Medication Management Standard MM.04.01.01 for a complete medication order.

Health care organizations should revise their text messaging policies and procedures in accordance with their secure messaging capabilities. In revising policies and procedures for text messaging, health care providers should specify how orders will be dated, timed, confirmed and authenticated by the ordering provider. Additionally, health care organizations should develop procedures to document whether the texting order will be automatically integrated into the electronic health record via the secure text messaging platform or entered manually.

The Joint Commission has stated the requirements addressing verbal orders (PC. 02.01.03 and RC.02.03.07) outline issues that may be adopted into policies and procedures for text orders and also recommends health care organizations take the following actions in implementing texting orders:

  • Create risk management strategy;
  • Conduct a risk assessment;
  • Develop an attestation documenting the capabilities of the secure text messaging platform;
  • Define when text orders are or are not appropriate;
  • Monitor how frequently texting is used;
  • Assess compliance with texting policies and procedure; and
  • Educate staff and providers on policies and procedures for appropriate use of the secure text messaging platform.

Mobile device security has become an important topic as more doctors and nurses bring their own personal devices into the workplace, forcing health care organizations to adopt BYOD policies in an effort to control how the device is used for work communications. According to a recent report, around 80 percent of physicians have adopted the use of smartphones and medical apps, and more than 25 percent of physicians are using mobile technology to provide patient care. Health care organizations need to carefully evaluate the messaging platform they intend to deploy to verify that it is secure and meets HIPAA standards.