LuxSci SecureText

HIPAA-compliant Text Messaging

Ideally suited for:
  • Communicating with patients
  • Messaging without email addresses
  • Sending appointment reminders via text
  • Sending real-time alerts with sensitive information
  • Instant delivery of messages and files

What is SecureText?

Your solution for HIPAA-compliant texts without the need for an App.

Watch the video to learn more.

eBook — HIPAA-compliant Email Basics

Safeguarding your healthcare practice and protecting patient privacy

Book 1 in the LuxSci Internet Security Series.

Created by Erik Kangas, PhD

Get the HIPAA eBook

HIPAA-compliant Texting

Is this your experience as a health care provider? Your patients are clamoring to speak with you or to set up and confirm appointments via text messages. Consequently, you feel pressured to use a questionable practice -- text messaging -- to relay healthcare information.

Text messaging is fast becoming the new normal for everyday communication due to its speed and convenience. Patients now want to use texting for their healthcare needs, as well. You, however, may have doubts about the suitability of text messaging in a healthcare setting, and, more important, its legality compared to more conventional modes of communication.

In most instances, sending electronic Protected Health Information (ePHI) by text message is a clear violation of HIPAA guidelines. If a breach of ePHI were to occur as a result, the healthcare facility involved could face fines of up to $50,000 per message. If your office were audited, would your policies and practices around text messaging comply with HIPAA?

At LuxSci, we want all your communications to be secure. Our SecureText service represents a unique solution to concerns about HIPAA-compliant text messaging. SecureText enables the sending of completely secure messages, including attachments.

All you have to do is remember "[phone_numer]@secure.text" to send SecureText messages to anyone from LuxSci WebMail, your favorite email program, or LuxSci's REST API.

Learn More

Perhaps you were wondering...?

The sender of a SecureText message is a LuxSci user with LuxSci's SecureLine encryption service.

  1. The sender composes an email message in LuxSci WebMail or the sender's favorite email program (for example, Outlook, Thunderbird, or iPhone Mail) and sends the message to a special email address based on the recipient's cell phone number (for instance, "2114367789@secure.text" for a hypothetical recipient in the USA whose cellular number is "211-436-7789." The address is slightly different, but equally easy, for recipients in different countries).
  2. After the sender hits send, the recipient receives a text message on his/her phone indicating that a secure message is waiting.
  3. The recipient touches a short link in that text message, which opens up a Web browser on the recipient's phone:
    • If the recipient has recently viewed another SecureText message, then the new message immediately loads and displays.
    • If the recipient has previously viewed a SecureText message, but that was a while ago, the recipient will first need to enter the password that s/he set up to protect access to these secure messages.
    • If this is the recipient's first SecureText message, then the recipient sets up a password for future access and enters an email address for password recovery. The recipient then gains access to view the message and is prepared to access future messages.
  4. Once the recipient views the SecureText message, s/he can view or download files and securely reply to the message.

With regular text messages, there's no expectation that the message is secure or private or protected from unauthorized access. Sending protected health information (ePHI) over a regular text message is a violation of HIPAA unless special safeguards are in place and the patient has given special consent. Sending ePHI over text to other healthcare workers is almost always against HIPAA. See: To Text or Not To Text: Texting under HIPAA.

SecureText protects the sensitive data during transmission, provides for authentication of the recipient, provides audit trails of message access, enables message expiration and forced message deletion, and comes with a HIPAA Business Associate Agreement from LuxSci. SecureText allows you to send your secure messages over text without the need for a special app and within HIPAA requirements.

You can send SecureText messages to anyone, in any country that has a cell phone with text messaging service. However, your recipient's phone will need access to the Internet (for example, by cellular data or WiFi) and a built-in Web browser to open the message.

Yes. SecureText messages (and secure email messages) can be sent via LuxSci's REST API. You sign up for a business email account with LuxSci to gain access to the system (create a 1-user @luxsci.net account if you do not need to host your email with LuxSci). Then, create and configure your API interface, subscribe to a level of texting credits to support your volume, setup Private Labeling to customize your messages and the SecureText portal, and get your own dedicated SecureText phone number from which your texts will originate.

No. SecureText works with the texting and Web browsing applications built into all modern smart phones. There's no need for the recipient to install a custom application or to learn special software.

Yes. When viewing a SecureText message, a person can securely reply to that message and even include files (photos, for instance) from your phone.

The sending LuxSci user receives replies to SecureText messages as secure email to his/her email account.

Yes. None of the usual limitations of texting exist with SecureText. You can send long messages, HTML-formatted messages, and files in your SecureText messages. The total size of each SecureText message should be less than 70 MB.

Yes. If the sender requests a read receipt, then s/he will always receive one when the recipient opens the message. Additionally, senders can see reports of all messages sent; these reports include message access histories.

Yes. You can connect your software to SecureText for the automated sending of secure text messages via LuxSci's REST API. You application can easily send SecureText (and secure email) notices automatically and transparently through LuxSci.

The SecureText service is part of SecureLine and thus requires a SecureLine license. That is $3.00/user/month. Additionally, sending each SecureText message requires the use of texting credits to pay for the underlying texting service. For messages sent within the USA and Canada, each message generally uses 1 credit. Texting credits can be purchased on a pay-as-you-go basis for $10 per non-expiring block of 250 credits, or subscribed to on a recurring monthly "use it or lose it" basis for $5 for each block of 250 credits/month.

Pay-as-you-go accounts can send up to 250 SecureText messages each day.

Recurring accounts have a daily SecureText sending limit equal to their monthly subscription—up to 1,000 credits/day. I.e., if you get 1500 credits/month, then you can use up to 1000 credits/day.

Recurring accounts with Private Labeling can obtain a free dedicated sending phone number (a 10-digit US long code phone number) from LuxSci. Once that phone number has been added, these accounts have a daily SecureText sending limit equal to their monthly subscription up to 75,000 credits/day.

To send more messages in a day or to send faster than 1/second without queuing, a Short Code phone number will be needed. Please contact sales for pricing.

Other questions? Call Sales

Got it all figured out?

New accounts ready in 1 hour*

Account term is month-to-month

Free 30-minute training call included

Welcome to LuxSci!

*for non-dedicated-server orders placed between 9am and 10pm Eastern Time, USA. Provisioning can be delayed due to issues validating orders.

What People Say About LuxSci