SMS in Health Care Privacy & Confidentiality Iris Thiele Isip Tan MD, MSc, FPCP, FPSEM Chief, UP College of Medicine Medical Informatics Unit Clinical Associate Professor, UP College of Medicine Section of Endocrinology, Diabetes & Metabolism 6 May 2012 http://www.flickr.com/photos/katielips/1430878365/ Saturday, August 4, 12
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
SMS in Health CarePrivacy & Confidentiality
Iris Thiele Isip Tan MD, MSc, FPCP, FPSEMChief, UP College of Medicine Medical Informatics Unit
Clinical Associate Professor, UP College of Medicine Section of Endocrinology, Diabetes & Metabolism
mHealth, enabled by mobile phones and other wireless computing devices (mDevices), is the revolutionary adoption of new communication patterns in healthcare that is stimulating the introduction of Participatory Health.
HIPAA privacy ruleRight to access and amend protected health information (PHI), “used, in whole or in part, by or for the covered entity to make decisions about individuals.”
Text messages if used to make decisions may be subject to above HIPAA privacy rule.
Greene, Adam H. "HIPAA Compliance for Clinician Texting." Journal of AHIMA 83, no.4 (April 2012): 34-36.
Saturday, August 4, 12
HIPAA security ruleRequires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity and security of ePHI
Greene, Adam H. "HIPAA Compliance for Clinician Texting." Journal of AHIMA 83, no.4 (April 2012): 34-36.
Threats to ePHI
• Theft or loss of the mobile device
• Improper disposal of the device
• Interception of transmission of ePHI by an unauthorized person
• Lack of availability of ePHI to persons other than the mobile device user
Saturday, August 4, 12
Security controls
Administrative policyWorkforce training Password protection
http://www.sxc.hu/photo/49277
Inventory and proper sanitization of mobile devices
Use of alternative technology i.e. vendor-supplied secure messaging app
Greene, Adam H. "HIPAA Compliance for Clinician Texting." Journal of AHIMA 83, no.4 (April 2012): 34-36.
Automated SMS reminders using Telstra Integrated Messaging Service (TIMS)Use requires completion of a standard SMS approval form
I agree to use the SMS system within the prescribed guidelines for services in my Department that may benefit from this initiative. I understand the cost of SMS messages will be charged to my Department and agree to fund this from the Department budget.
Privacy and ConfidentialityTelco only transmitsWA Health does not hold or collect any informationAll identified information remains with Health Services
www.health.wa.gov.au/CircularsNew/attachments/617.pdfSaturday, August 4, 12
Consent form for use of SMS texting Lincolnshire Community Health Services
We will get in touch with you approximately 2 weeks before your appointment is due.The text will not identify the sender and will read as follows - Appointment reminder: Date and timePlease let us know if your phone is lost, stolen or you have changed your number.
www.lincolnshirecommunityhealthservices.nhs.ukSaturday, August 4, 12
Consent form for use of SMS texting Lincolnshire Community Health Services
I agree to the service communicating with me by SMSI confirm that the mobile number the service holds on my record is correct and I will notify them of any changesI agree to receive a reminder of my appointment by SMSI am aware that I can withdraw consent at any time by informing the Health Professional either verbally or in writing
www.lincolnshirecommunityhealthservices.nhs.ukSaturday, August 4, 12
Standard Message SMS Policy for WA Health Services (Nov 2011)
Reminder: appointment at [xx] Hospital [appt_time], [appt_date]. DO NOT SMS REPLY. Please call [clinic number or OPD number] business hours if you cannot attend.
Reminder: your child has an appointment at [xx] Hospital [appt_time], [appt_date]] DON’T SMS REPLY Call [clinic number or OPD number] business hrs if unable to attend.
mHealth & Privacy in Developing CountriesPhones are often shared by families
Policy Engagement Network for the International Development Research Center (The London School of Economics & Political Science)“Electronic Health Privacy and Security in Developing Countries and Humanitarian Operations” Dec 2010
mHealth & Privacy in Developing CountriesSome governments are requiring citizens to register SIM cards with personal information
Policy Engagement Network for the International Development Research Center (The London School of Economics & Political Science)“Electronic Health Privacy and Security in Developing Countries and Humanitarian Operations” Dec 2010