CMS & TJC: Secure Text Messaging for Patient Care Orders Is NOT Acceptable


CMS & TJC: Secure Text Messaging for Patient Care Orders Is NOT Acceptable

Recently, The Joint Commission (TJC) in collaboration with the Center for Medicare and Medicaid Services (CMS) has determined that secure text messaging for patient orders is NOT acceptable.

TJC and CMS have developed a clarification stating that texting orders is NOT acceptable and the following recommendations regarding texting of protected health information:

All health care organizations should have policies prohibiting the use of unsecured text messaging (that is, short message service (SMS) text messaging from a personal mobile device) for communicating protected health information. TJC standard IM.02.01.01EP1 requires organizations to have a written policy addressing the privacy of health information. This requirement also extends to the privacy of health information transmitted though text messaging.

    TJC and CMS agree that computerized provider order entry (CPOE) should be the preferred method for submitting orders as it allows providers to directly enter orders into the electronic health record (EHR).  CPOE helps ensure accuracy and allows the provider to view and respond to clinical decision support recommendation and alerts.
  • In the event that a CPOE or written order cannot be submitted, a verbal order is acceptable.  However, verbal orders should be used infrequently, and the use of verbal orders should be closely monitored to ensure that these are only used when it is impossible or impractical to use CPOE or written orders without delaying treatment.  Verbal orders are not to be used for the convenience of the ordering practitioner.