- Rising to the Top
- New Social Media Marketing Book for Aesthetic Physicians
- Isdin's Eryfotona Actinica
- FaceTite by InMode
- New Products
- Meeting Minute
- In Focus: Blinded by the Plight
- Handling Negative Reviews in the Internet Age
- When is Enough Enough?
- Integration of Technology Leads to Golden Era of Health Care Marketing
- Master Class: Make Live Videos Work for Your Practice
- Editorial Board Forum: Regulated Engagement
- Loading the Sales Funnel Through Price Transparency
- Is Your Practice Ready for the Menaissance?
- Read This Before You Text That
- Safety Dance: HTTPS Update
- Connecting the Dots: A Guide to Understanding Millennials
- Exit Stage Left
- Would Your Business Survive Your Disability?
- Investment Alternatives to Reduce Portfolio Risk
- Instagram Is Hot in Aesthetics: Fake it Until You Make It?
- Coming & Going
Read This Before You Text That
The new road rules for texting patient information.
By: Wendy Lewis
The traditional ways of making, confirming, and changing appointments, asking questions, and checking in pre- and post-procedure by phone is not only inefficient but often fraught with mistakes and frustration on both sides. As they strive for automation to remain competitive and meet patients’ needs, medical and aesthetic practices need to improve how they connect with patients.
We do have the technology, however the Health Insurance Portability and Accountability Act (HIPAA) has not kept pace with the trends, which makes texting patient information a very risky business.
The Promise and Perils of Texting
We live on our mobile devices 24/7, so it’s natural for consumers to warm up to the idea of hearing from an aesthetic physician’s office via text, too, especially for routine communications, such as appointment reminders and prescription renewals. Text messages are an efficient way to transfer information on the go and in real time from anywhere in the world, which represents a major improvement from old school methods, such as calling, leaving voicemail messages, or emails. This method of interacting gives patients increased flexibility to connect with their doctors in the way they feel most comfortable and helps to enhance the patient experience by removing hurdles. It may also promote increased loyalty to your practice and cut down on cancellations and no-shows.
But a lot can go wrong. Your data and their medical records may be compromised, which in turn, means that the HIPAA gods can impose substantial fines, starting at the ticket price of that new Jag you had your eyes on.
For messaging to be secure, your communications must be encrypted before they ever get transferred. Basically, encrypted messages can only be read by the intended recipient. Even if your message gets intercepted during the exchange, it is still safe and protected from spying eyes.
It’s not that simple, though. You may utilize a system that is heralded as “secure,” but it may not be “HIPPA compliant.”
So, what is an aesthetic practitioner to do?
For starters, download an app or subscribe to a platform that offers services to encrypt your data before you send it through normal unsafe channels. Search for “secure messaging solutions” to find out what is available for IOS and Android devices.
A white paper from dochalo.com suggests seeking out the following features to ensure that your “secure texting app” is also HIPPA compliant.
1. Remote-Wipe Capability. If a device is lost, you can keep confidential information safe by locking the application and deleting all information. This provides an added layer of protection for patient data.
2. Auditing. The app should let you know who has sent a message, who read it, and when.
3. Secure Network. Any application that lets you send a message outside the secure network is not HIPAA compliant.
4. Management of Attachments. Keeping the data within the application is necessary to maintain control, therefore, copying and pasting data, and saving photos and attachments should be restricted.
5. Authentication. A HIPAA-compliant app will not allow users to access or interact with any data unless they are authenticated.