Text message reminders are expected in healthcare now

People of all ages have embraced texting as a fast, efficient means of communication. Patient experiences with e-commerce sites, banks, mobile apps and more, have conditioned them to expect and desire text message notifications. There is no reason your practice cannot use this technology to communicate with patients who want to receive appointment reminders and other patient notifications in this manner.

Practices can send information by text to patients as long as it does not contain Protected Health Information (PHI). Examples of appropriate healthcare text messages include appointment reminders, recalls, collection notifications, office closings or schedule changes, to name a few.

Healthcare text messaging reminders and HIPAA

HIPAA specifically allows direct communication with patients. Of course, whether that communication takes the form of a phone call, mail, email or text message, health care providers must have adequate safeguards in place to protect patient privacy. Follow some simple guidelines.

  • When constructing text messages (or any type of patient communication), healthcare providers should limit the amount of information to only what is necessary, such as first name or initials only. The goal is to minimize the risk of the patient actually being identified if the message reaches the wrong person.
  • It is also important to notify patients that they may receive reminders via call, text or email, unless they request that reminders not be sent by those means.
  • Quickly honor requests that reminders not be sent.
  • Patient contact information should be verified on each visit.

When to use secure texting

Secure text communication between healthcare providers, and between providers and patients is a major topic in the healthcare industry today. There is a concern that patient-specific Protected Health Information (PHI) is vulnerable in instances where PHI is transferred via text in either of the following instances:

  1. Texting between doctors collaborating on patient care, or between doctors and other health care providers


  1. Doctor-to-patient text communication when the provider is advising the patient on diagnosis, treatment or follow-up care.

If the content of a message contains electronic Protected Health Information, then the text message must comply with HIPAA privacy rules and security standards. Text messages containing ePHI should be sent in a secure, encrypted and approved format.

Secure texting requires secure data centers, message encryption, recipient authorization and audit controls. Encrypted text messages require that both the sender and the receiver have the same encryption protocol on their phones. For these reasons, sending patients encrypted text messages is not practical for most providers at this time. Therefore, any doctor-to-patient communication should be carefully constructed to ensure ePHI is not included in the message.

Back to Top