Interesting how methods for delivering the written word have morphed over the years, isn’t it? From carrier pigeon to postal riders to email and so on, and now we have distilled this delivery down to a few informal pecks on our hand-held phones. And by informal, we refer to the propensity on the part of some to use of a new short-hand lingo that involves an array of abbreviations and a unique indifference to the rules of grammar and punctuation. With this in mind, is appropriate for medical professionals to clinically communicate via texting? That’s the question that the U.S. government decided to address this month.
On February 8, 2024, the Director of the Quality, Safety and Oversight Group (QSOG)—an agency within the Department of Health and Human Services (HHS—sent an official memorandum to state survey agency directors, with the understanding that the guidance given therein would be effective within 30 days. The subject of the memorandum was as follows: “Texting of Patient Information and Orders for Hospitals and CAHs.” David R. Wright, the director of QSOG, wanted to provide these surveying agencies the department’s position on the propriety of utilizing text messages within the clinical context.
The Previous Guidance
Director Wright began with a reminder that the Centers for Medicare and Medicaid Services (CMS) had released in 2018 a previous memorandum on this topic, entitled “Texting of Patient Information among Healthcare Providers in Hospitals and Critical Access Hospitals (CAHs).” That memorandum acknowledged that the use of texting had become “an essential means of communication among hospital and CAH healthcare team members.” However, CMS noted at that time that the practice of a provider texting patient orders to other members of the care team would not be compliant with the Medicare conditions of participation (CoPs). The agency cited concerns with record retention, privacy, confidentiality, security and the integrity of systems at that time.
When CMS developed the 2018 guidance, most hospitals and CAHs did not have the ability to use secure texting platforms to incorporate these messages into the medical record. Now, that situation as markedly changed.
The New Guidance
The hospital and CAH medical record CoPs are found at 42 CFR 482.24 and 485.638, respectively. Among other provisions, they require inpatient and outpatient medical records to be accurately written, promptly completed, properly filed and retained, and accessible. The hospital is further required to utilize a system of “author identification and record maintenance that ensures the integrity of the authentication and protects the security of all record entries.” As the February 2024 memorandum points out, these requirements do not specify a precise method or system that a facility must incorporate for such purposes. That lack of specificity on the part of the CFRs and the existence of new text-related technology has put the ball back in QSOG’s court. That is, Director Wright and his team are left to grapple with the question of whether or not texting can now be appropriately incorporated into the medical record.
While computerized provider order entry (CPOE) continues to be the preferred method of order entry by a provider, Director Wright recognizes that alternatives now exist. His agency also acknowledges that there have been significant improvements in the “encryption and application interface capabilities of texting platforms” that relate to the transfer of data into an electronic health record (EHR).
CMS has historically taken the position that a physician or advanced practice provider should enter orders into the medical record via a handwritten order or CPOE. An order entered via CPOE, and immediately downloaded into the hospital’s or CAH’s EHR system, is permitted under the requirements because the order is dated, timed, authenticated and promptly placed in the medical record. Nevertheless, QSOG’s latest instruction holds out the possibility of using texting in the medical record creation process. Here is the salient section from the memorandum in this regard:
To comply with the CoPs, all providers must utilize and maintain systems/platforms that are secure and encrypted and must ensure the integrity of author identification as well as minimize the risks to patient privacy and confidentiality, as per the Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulations. Providers should implement procedures/processes that routinely assess the security and integrity of the texting systems/platforms that are being utilized to avoid negative outcomes that could compromise the care of patients. CMS expects that providers choosing to incorporate texting of patient information and orders into their EHR will implement a platform that meets the requirements of the HIPAA Security Rule1 and the HITECH Act Amendment 20212, as well as the CoPs.
So, to text or not to text is the question, and it turns on whether or not your facility has the functionality that allows it to conform to the CFRs, CoPs and the HIPAA privacy and security measures. If you have questions relating to this new guidance, you are invited to contact members of QSOG by going to the following link: QSOG_Hospital@cms.hhs.gov.