Problems with texting in telehealth?
When thinking about texting in telehealth, issues of theft and lost must be considered by the clinicians. The number of lost mobile devices is staggering. Consumer Reports1 suggests:
- On an Android phone. To set up this app on a phone running Android 2.2 or later, find the Android Device Manager in Google Settings, which is typically an icon on your desktop with the letter “g” and a gear-like symbol next to it. If necessary, use the phone’s search function to search for “Google Settings.” To track down a missing phone, use a computer to access the Android Device Manager in the browser’s address bar.
- On an iPhone. Download and install Find My iPhone from the iTunes App Store, then sign in with your iTunes account. To track down a missing phone, use a computer to access Find My iPhone.
- On a Windows phone. Find the Find My Phone app in the main settings menu. To track down a missing phone, use a computer to go to Microsoft’s account sign-in screen.
However, security issues and other problems of texting in telehealth don’t stop at theft or loss.
Who Is The Recipient?
Assuming the phone is in the hands of the legal owner, other complications can exist. For example, texts are also not subject to authentication of the user prior to being delivered. Anyone looking at a cell phone on a coffee table might see if a message arrives. Guests of the cell phone user might easily read the text before the user him or herself. Most user’s text messages can be accessed without verification of one’s identity, such as when the cell phone user leaves the room for a few minutes, and a curious “friend” takes a look. Mobile phones also contain histories that can be deeply embedded in the phone and therefore not easily erased. In some phones, those memories can never be erased, or get transferred from one phone to another via the SIM card.2
Which Type of Device?
Professionals using mobile phones issued by large companies might enjoy the benefits of working with an IT department, but many cell phones are still not subject to monitoring by these IT departments. Those departments might install encryption software prior to disseminating the telephone to employees, but beyond that, not much is usually involved. In fact, the push has been toward allowing employees to “bring your own device” (BYOD), which can further complicate corporate management of mobile phone technologies and their security.
Other Problems with Texting in Telehealth?
Other complications exist with phone distributed by companies. The record set of patient interactions easily found on a phone make it subject to HIPAA privacy rule provisions. This record set can lead to complications because when text messages are used to render decisions about patient care, they may be subject to the rights of access and amendment by clients and patients. Clinicians are mandated by HIPAA to give such access and amendment options to consumers. Giving such access then becomes a challenge because the data set is stored in ways that don’t protect the privacy of other consumer’s similar information.
Regardless of where one is employed, texts can be stored in places where unauthorized access is possible, such as on provider’s servers, internet connections, workstations, or cloud-computing stations.
Another serious consideration is the risk to a patient’s confidentiality should the therapist’s mobile phone be lost or stolen. Most mobile phones are lost in highly-trafficked public places, with 40 percent going missing in taxi-cabs and another 20 percent in restaurants, bars, and nightclubs. Improper disposal of devices is another problem that can plague clinicians. Understanding how HIPAA applies in mobile phones and text messages is important.
Therapists are finding that clients are increasingly asking for text messaging in therapy. TBHI’s online training event entitled, “Text Messaging Therapy? 12 Risk Management Considerations to Keep You Out of Hot Water” will review basic risk management approaches to using text messaging as the basis for clinical care. It will outline 12 ways in which text messaging therapy may expose you and your client or patient to undue risk including HIPAA-compliant text messaging, types of text messaging services, and ethical codes that relate to text messaging. It will also clarify considerations for accepting employment from online text messaging therapy companies.
1 Consumer Reports 2015
2A Subscriber Identity Module (SIM) card is a portable memory chip used mostly in mobile phones. They hold your personal information, including the phone number, address book, text messages, and other data.