Press Release: How To Text and Remain HIPAA-compliant
WESTWOOD, MA, March 15, 2016 — LuxSci® announces the recent launch of SecureText, a unique solution to concerns about HIPAA-compliant text messaging, and an important step to safeguard and secure electronic patient health information (ePHI).
Communicating through text message is a convenience to which we have grown rapidly accustomed. However, sending unsecured texts places healthcare providers and patients at risk in several ways: (1) ePHI-laden messages are not always encrypted during transmission or storage; (2) anyone with access to a recipient’s phone or stored messages can view ePHI-laden messages; (3) and some ePHI-laden text messages travel through organizations which lack required HIPAA Business Associate Agreements. Additionally, since healthcare providers are required to obtain and maintain consent from patients for texting – providers must ensure that patients are adequately educated on the risks associated with sending ePHI via text and presented with secure alternatives to insecure texting.
What sets LuxSci’s SecureText apart from other solutions? The fact that no special app is required to get started. Without requiring patients or healthcare providers to obtain a specific app, app-free SecureText addresses the need – and the desire – of patients and healthcare staff to use secure text messaging of ePHI, whether for routine scheduling and confirming of appointments or for consults with various specialists. SecureText minimizes the risk of organizations violating HIPAA regulations or causing breaches of patient information that can result in fines upward of $50,000 per message. SecureText increases patient satisfaction as well, as patients want to use texting more and more for their healthcare needs.
LuxSci’s encryption technology makes text messaging of ePHI easy, convenient, and secure. Texts are transmitted in real time, with unrestricted content length (including file attachments), and no prior communications, setup, or training are necessary for recipients. Secure HIPAA- compliant text messages can be received anywhere by anyone who has a smart phone with SMS service for texts and an Internet connection for secure data retrieval. Several of the features of SecureText that provide peace of mind for healthcare staff include the ability to:
- Retract and delete messages on demand.
- Protect message data with a passcode and unique user authentication.
- View who has read the message, the time, and the IP address.
“Simply put,” says LuxSci founder Erik Kangas, PhD, “with regular texting there is no expectation that a text message is secure or private or protected from unauthorized eyes. SecureText protects sensitive data during its transmission, verifies the user, and provides an audit trail should HIPAA regulators arrive on your doorstep.”
SecureText messages can be also sent equally well through any standard email program, through LuxSci’s own WebMail system, and through LuxSci’s API. Healthcare organizations gain in efficiency when HIPAA requirements are no longer a source of concern or frustration. The last thing any organization wants is to become the next headline about a breach of HIPAA.
LuxSci, founded by Erik Kangas, PhD in 1999, is a leading provider of Internet services for secure Web and email communications. Focused on resolving electronic communications problems, LuxSci continues to deliver innovative products and services to its diverse clients across the US, as well as in foreign markets such as Canada, United Kingdom, and Australia.
- To Text or Not To Text: Texting under HIPAA
- SMS is Broken and Hackers can Read Text Messages. Never use Regular Texting for ePHI.
- Infographic: Texting in healthcare – a not-so-simple exchange
- How to Setup HIPAA Mutual Consent for Insecure Email at LuxSci
- If my web site is very simple, do I have to worry about HIPAA compliance?