5 steps to safely increase your patient engagement when it comes to HIPAA compliance for clinician texting
Chiropractic practices thrive on patient engagement, and perhaps the most well-received way to engage patients today, or at least the best way to get their attention, is to text them. More than 99% of texts are read, and that’s great news for your practice, but you need to keep HIPAA compliance for clinician texting at the forefront of your planning.
Strategic texting campaigns lead to more successful chiropractic practices — but when texting, it’s imperative to stay compliant with HIPAA (Health Insurance Portability and Accountability Act). Put simply, this means you need to be communicating securely, with consent and with authorized access. It’s easy to maintain HIPAA compliance for clinician texting –– all it takes is keeping these key rules in mind.
Chiropractors already use texting to do things like:
- Bring in new patients by adding a text chat to their website so prospective clients can get their questions answered ASAP and schedule a time.
- Send out promotions and special offers to drive more patients to come in.
- Confirm appointments and scheduling to remind patients of upcoming care.
- Advertise products, such as in-house supplements, creams, foam back rollers, etc.
- Get more online reviews by texting patients a direct link to their review page.
- Motivate and remind patients of their care so that they stay on top of their exercises and stretches.
HIPAA compliance for clinician texting: situations to avoid
Avoid texting from a personal device. A personal device, such as your own smartphone or a tablet, lacks the security and encryption required by HIPAA laws. Protected Health Information (PHI) can be intercepted and put your chiropractic practice at risk.
You need compliant software for encrypted messaging, which will enable you to keep your communications centralized with administrative oversight. And it’s easier and more secure for your communications to stay within one platform where all patient conversations can be monitored by authorized employees within a secure system.
The sender and receiver need to be clearly identified as well, so that you know who’s been communicating with your patients. A compliant software program should be able to handle this for you.
Authorized access to patient conversations
You’ve got your hands full on a daily basis. From patient exams to performing adjustments and more — not to mention running a business — you aren’t always going to have time to communicate with all of your patients. That’s why you need to make sure you’re giving authorized access to your employees so they can handle your patient communications for you.
There isn’t any need for other departments or locations (if applicable) to have access to sensitive information, especially if it doesn’t pertain to them. PHI is at risk when the wrong people have access to it. For instance, there shouldn’t be any reason for your accountant to be accessing messages between the front desk and a patient. Limit the exposure of PHI to only the people who are authorized to view it. This way, you can protect your practice all around.
Start by assigning different numbers and message dashboards to each authorized employee. What does this mean? Within a secure texting platform, you’ll have the option to create a separate dashboard for each authorized employee. The dashboard will have its own number, and multiple dashboards can be monitored at the same time.
Employees shouldn’t be sharing numbers, even if they are authorized to view patient conversations. Keep conversations separate, and you’ll be good to go.
Patient consent to text
Patients need to opt-in to receive text messages from your practice. This holds true for all communications, but anything related to HIPAA compliance for clinician texting gets extra scrutiny. Texting a patient who isn’t opted-in can be a violation of HIPAA standards.
When filling out new patient paperwork, you can ask patients on your form if they want to receive texts from your practice about their care. That way, you can have documented proof of their consent.
Another option, as needed, is that you can text a patient for the first time, tell them what you’ll be texting them about, and also tell them how to opt-out (e.g., reply STOP to opt-out).
Share PHI with patient permission only
Sharing PHI ties back to getting consent from your patients. They want to be able to text you about their care, and you need to check with them before you choose whether or not to share their PHI and talk about it.
Texting about non-PHI has different (and less) scrutiny than texting about PHI. If you’re going to text about patient info and care, it’s best to get express permission for that. You can opt for them to fill out a form, or to verbally confirm that they want their PHI to be shared.
Example: “Hey, [patient]! We have your results. Would you rather us text them to you, or you come to the office?”
You’ve also got to keep your contact records clean and patient data up to date. That applies just as much to texting. Texting the wrong person can result in serious HIPAA violations, and expose your patient’s PHI to the wrong people. Confirm patient contact information every time they come into your office. And when you text them, make sure to ask them to confirm their identity by simply asking for their date of birth. This is a strong way to ensure that you are contacting the right person every time. Confirming info is also a great excuse to re-engage past patients if you haven’t seen them in six months or a year and want to touch base.
Build a subscriber list of patients
Patients typically come once or for the duration of their treatment, so you need to find a way for them to keep coming back. There are many opportunities to engage with your patients, even without PHI.
You can start by building a list of patients who want to receive advice on how to live a healthier life. A good way to engage and educate your patients is to send them infographics or tips to maintaining a healthy back. You can even encourage your patients to follow you on social media.
After a patient completes their appointment, you can text and offer for them to opt-in to your subscriber list with a keyword. For example:
“Hey [patient]! Thanks for coming in. If you’d like to receive notifications about how you can build healthier habits, text HEALTH back to this number.”
When your patients can engage with you outside of their regular care, it will show them that your practice cares and wants to look out for their well-being even when they don’t have an appointment. Patients are your most valuable asset and engaging them within HIPAA compliance for clinician texting is a key factor in getting them to return.
JESSICA AYRE is a content marketing specialist at Text Request, a HIPAA-compliant business texting solution. If your practice wants to start texting customers, Text Request can give you all the tools and resources you need to create a safe and successful text messaging strategy. Learn more at TextRequest.com.