The Joint Commission recently revised its position on physicians and licensed independent practitioners transmitting orders via text message. The Joint Commission’s new position allows physicians and licensed independent practitioners to send orders for care, treatment, and service via text message as long as a secure platform is used and the order includes all of the Joint Commission’s required components. The Joint Commission requirements apply to Joint Commission accredited facilities, but the new position serves as useful guidance to other facilities implementing policies, procedures, and secure platforms for orders sent and received on mobile devices via text message.
Previously, The Joint Commission prohibited the transmission of orders via text message due to information security concerns, the inability to identify the person sending the text message, and limitations on entering the order into the patient’s medical record. Secure text messaging technology has evolved, and many facilities and providers have piloted the use of secure mobile order technology. The Joint Commission’s new position states that text message orders may be allowed if the secure messaging platform includes the following components:
- A secure sign-on process;
- Encrypted messaging;
- Delivery and read receipts;
- Date and time stamp;
- Customized messaging retention time frames; and
- Specified contact lists for individuals authorized to receive and record orders.
Orders sent via text message must comply with Medication Management (“MM”) Standard MM.04.01.01, which addresses the required elements of a complete order. The Joint Commission also stated that organizations must address how text message orders will be documented in the patient’s medical record – for example, through direct integration between the secure messaging application and electronic health record technology or manual entry. As with any new technology that involves electronic protected health information, secure messaging technology must be included in an organization’s HIPAA security risk analysis. In addition, The Joint Commission recommends that organizations undertake the following steps when implementing text orders:
- Develop an attestation documenting the capabilities of the secure text messaging platform;
- Define when text orders are (and are not) appropriate;
- Monitor how frequently text orders are used;
- Assess compliance with texting policies and procedures;
- Develop a risk-management strategy and perform a risk assessment; and
- Conduct training for staff, licensed independent practitioners, and other practitioners on applicable policies and procedures.
The Joint Commission’s new position on text orders recognizes the evolution of health care technology. There are many steps that must be undertaken when piloting or implementing text messaging technology including performing risk analyses, development of policies and procedures, and training. Implementation of such technology should be approached thoughtfully, with input from providers, information technology and security personnel, and technology vendors.
By Michael W. Chase of Baird Holm