Texting a Dr.

Moved to the HIPAA challenges discussion forum

I'm no HIPAA expert. But I know of several situations where patient information was inadvertently given to a different patient. No need to explain, each situation was different. My point is that these things do happen.

I was at my PCP for a routine checkup and a patient's information datasheet was handed back to me with my paperwork.

It's not great that it happens, but not necessarily the end of a nurse's career. Who's going to bother to report these violations? These are inadvertent mistakes vs a health care worker looking up information on a patient they have no business looking at.

Do you plan to turn your best nursing friend in ?.

We have some providers who prefer texting over other options. We just went live with an encrypted secure "chat"/"text" function within our EHR (we're on Epic). I don't use it because I don't have our Epic mobile app, so I'd have to be at a computer workstation anyways which is no more convenient to me than using the paging system.

My facility allows providers who have completed the facility approved encryption process for personal devices or who are using work issued (already encrypted) devices to forward their pager to a cell phone. One of our providers has done this, and it turns out that even if their pager is turned off (like they're on vacation, at a conference, etc) they get the message on their cell phone...that is a funny story but perhaps not the one for here ? .

If I use the computer or phone based paging system the data is recorded and audited. I won't get in trouble unless I've sent something inappropriate (we have had some folks do this). But if there is ever a question about whether I sent something, sent it in a timely manner, etc., it's on the hospital to maintain the records. I do not put notes in my patients chart about paging providers, although it's different in the OR (when I was a floor nurse and needed orders for or needed to report a critical lab value I did). Usually I'm sending a page to remind them to complete what they need to so we can go back to the room or to ask about a detail related to a case.

Occasionally, I'm paging an attending to "Call (extension for room I'm assigned in) now" - although I've done that a handful of times in more than 5 years as an OR nurse - usually for a code, an inability to intubate (especially when I assume we'll have to trach), the "worst case scenario" for a specific procedure (where we page some/all of the surgeon's attending partners to get whomever is closest to come help)... If you use this sparingly, you always get the result your situation warrants.

With that said, I have texted surgeon colleagues. But that's been for something non-specific and very (not patient/case specific) broad, usually not a directly clinical issue.

On 6/24/2019 at 1:53 PM, adn_nursingstudent said:

I have always thought this was a HIPAA violation until a nurse pointed out that as long as the information is “de-identified” PHI, HIPAA rules no longer apply.

Perhaps.

But does it seem safe, overall, to text about important specific-patient-related matters without using appropriate identifiers? NO. The same thing that makes it not a violation is the thing that makes it a major safety risk.

Using a personal device to share and receive de-identified PHI for the purposes of patient care is not appropriate IMO. There's no way I would do it.

If the facility would like staff to communicate in this way then encrypted devices that can be used on encrypted networks should be provided and appropriate policies should support this. Period. Then there is no need to eliminate identifiers that are an integral part of safe patient care processes.

I feel pretty confident in saying that if your Risk and Compliance people knew about this, things would get ugly.

I suppose it would be different if the messages being sent were along the lines, "labs are back for 215" or "please check labs for 215," but that doesn't sound like it is the case.