Blogs about apps, our app development experiences, and what's new in this industry.
Saturday, February 23, 2013
How Medical Professionals Use Texting and Still Comply with PHI
In a previous blog I recapped how text messaging had become a preferred method of communication for those working in the emergency room (ER). Now, some medical professionals have looked at texting as a means of sending information regarding patient follow ups.
Study at a Glance and HIPAA
A recent study published in the American Journal of Public Health (AJPH) looked at using text messaging to follow up with lower-income parents whose children had received a flu shot and needed follow-up visits.
The participants determined they wanted to send targeted messages, which were to include the child’s name and a reference to a “second flu shot.”
That seemed like an easy and effective way to remind parents about a follow-up visit, and texting provides an easy way to communicate with a majority of patients. However, there were problems with the language. The message contained Patient Health Information (PHI) as defined by the Health Insurance Portability and Accountability Act (HIPAA). Under HIPAA, all communication must protect patient information. In this case, the message had the patient’s name and implied he/she had already received a flu shot. Those two pieces of information violated patient privacy.
Text messaging is also not considered a secure form of electronic communication. Even when sent by secured means, there is no way to guarantee the intended recipient receives the message.
The study team found away to protect PHI. It eliminated names and made the language generic. Instead of saying that a child needed a second flu shot, the team send a reminder that some children may need a second one. The message ended by prompting the recipient to call for an appointment.
Concluding Thoughts
The study serves as a good reminder for those medical professionals who prefer texting. It is a feasible means to communicate as long as the messages keep patient information private. The study also sets a standard on how to comply with HIPAA and PHI.
Friday, November 2, 2012
Texting Among Physicians Grows; Prefer Non-Hospital Issued Phones
- More than half of the respondents, 57 percent, said they send or receive work-related text messages.
- Twenty-seven percent of respondents favored texting for communication.
- Twenty-three percent of respondents favored hospital-issued pagers.
- Twenty-one percent favored face-to-face communication.
- Nine of out of 10 respondents reported using a smartphone for communication purposes.
Saturday, November 5, 2011
Do HIPAA Laws Constrain the Ability to Develop and Market Medical Apps?
Last week I discussed how the Food and Drug Administration (FDA) has drafted guidelines when it comes to regulating medical mobile apps used as medical devices. That spurred me to wonder what role does the Health Insurance Portability and Accountability Act (HIPAA) play in the development and use of medical apps. Do developers and app users even need to consider HIPAA and how do they know if they violate privacy concerns?
The issue comes down to what information the app displays and who will use the app. In general, HIPAA only applies to “covered entities” and their “business associates.” These may seem like somewhat vague terms, but the definitions are not too confusing:
- Covered entities apply to things such as employer-sponsored insurance, places that process health care claims or healthcare providers that electronically conduct transactions
- Business associates apply to entities that protect health-related information.
In simple terms, if information displays an actual service date, patient information or other confidential information, app developers are subject to HIPAA laws. Apps designed to provide general medical information are not. While the definitions and examples make sense, they have the potential to become muddled. If someone sends information to his/her physician, HIPAA does not apply. Here is where it gets interesting – once a physician who is covered by HIPAA receives that information, the app becomes subject to privacy laws.
Concluding ThoughtsWhat do developers do in these cases? When they work on an app, they will need to consider the audience – the user factors into this equation, but how developers choose to distribute the app really does not. If the app provides non-patient specific information, HIPAA does not apply. Once the app involves patient information, developers would benefit by ensuring they use a HIPAA checklist because it may become easy to blur the lines – especially if healthcare professionals and patients use the same app.
·