Several studies show that patient-centered communication improves patient outcomes. HIPAA compliant texting is the most convenient way to stay connected with your patients. This guide outlines best practices for using Paubox Texting.
Before you start texting
Obtain consent for text messaging
Patients must be fully aware of and agree to receive these text messages from your healthcare organization. “Informed consent is both an ethical and legal obligation of medical practitioners in the US,” explains the National Library of Medicine.
So, before texting patients, be sure to obtain their informed consent. Streamline this process by integrating text message consent into your existing digital communication consent forms.
Inform patients about text messaging
Be sure to inform your patients through email or other communication channels that you’ll be using Paubox Texting. Patients must know what to expect, including the short code sender number “728269” and the “Secured by Paubox” message identifier.
Your HIPAA compliant email could say:
"Hi [patient's name],
[Healthcare provider/organization name] is now offering secure text messaging through Paubox Texting for appointment reminders, health information updates, and other important communications. This HIPAA compliant service ensures the privacy and confidentiality of your health information.
To identify messages from us, look for the sender's short code number “728269” and the phrase "Secured by Paubox" within the text message."
Sending the first text
Identify yourself and the organization
Your first text message should clearly state your healthcare organization's name so patients don’t think the message is spam.
State the purpose of the text
Briefly explain the purpose of your message. If it’s an appointment reminder say, “Appointment reminder for [date/time]” or if it’s a health information update say, “Important health update regarding [specific condition].”
Include opt-in and opt-out options
Provide clear instructions for opting in or opting out of text messaging. For example, instructing patients to reply "START" to opt-in or "STOP" to opt-out, gives them control over their communication preferences.
Disclose potential costs
Inform patients that standard message rates may apply from their mobile carrier. Simply include, "Standard message rates may apply."
Reassure patients about confidentiality
Always include a statement reassuring patients that their information is secure, according to HIPAA regulations. The text should say something like “This message is HIPAA compliant.”
Here are some examples to get you started
Sample text with opt-in
"Reply START if you’d like to receive appointment reminders and health information via text message from [Healthcare Provider/Organization Name]. Your information will be kept secure and confidential in accordance with HIPAA regulations. Msg & data rates may apply. Cancel at any time by replying STOP."
Sample text with opt-out
"Welcome to secure text messaging from [Healthcare Provider/Organization Name]. We'll use this service for appointment reminders, health information, updates, and more. Your information will be kept secure and confidential in accordance with HIPAA regulations. Reply STOP at any time to opt-out. Msg & data rates may apply."
See also: How to get consent for texting and emailing patients
FAQs
What makes a text message HIPAA compliant?
Providers must use a HIPAA compliant text messaging platform, which uses encryption, access controls, and authentication measures to protect patient privacy.
Additionally, providers must obtain explicit patient consent, limit PHI, and train staff on sending HIPAA compliant text messages.
Can HIPAA compliant texts include images or attachments?
Yes, Paubox texting automatically encrypts images and attachments, protecting PHI during transmission and at rest.
Can providers use personal phones for HIPAA compliant texting?
Using a personal phone can be risky unless providers use a HIPAA compliant texting solution. Paubox ensures that all text communications are encrypted and HIPAA compliant, making it safe to send patient information.
