bst2012 - Fotolia

Joint Commission bans CPOE secure texting for physicians

Vendors and patient advocates criticize computerized physician order entry ban following new Joint Commission and CMS clarification of secure texting rules.

Vendors and privacy advocates are criticizing a Joint Commission-CMS ban on CPOE secure texting for physicians.

The prohibition on secure texting for physicians of medical orders, or CPOE (computerized physician order entry), came in a Dec. 22 clarification in a Joint Commission newsletter, and it followed a recent flip-flop of sorts. In April 2016, the commission had reversed its long-standing ban on texting in healthcare.

"We've taken a few steps backwards," said Rhonda Collins, chief nursing officer at Vocera Communications, a San Jose, Calif.-based vendor of secure hospital communications systems, of the commission's pre-Christmas edict.

Rhonda CollinsRhonda Collins

"I just don't feel that it's recognizing the technology that's available today, the degree of security that we can provide and the contextual awareness and ability to integrate these systems to follow the care provider's workflow," Collins said.

The commission -- which is now working closely with the Centers for Medicare and Medicaid Services (CMS) -- originally prohibited all texting of HIPAA protected health information (PHI) in 2011, but that was before the adoption of secure texting technology for healthcare was common.

The original April decision recognized the widespread availability of the technology for secure texting for physicians and set forth rules for it, including setting up policies for message retention and security and privacy of PHI.

The December clarification, which is expected to be in place for the foreseeable future, reiterated that secure texting of PHI in healthcare organizations is allowed as long as written policies are in place, though not through CPOE.

I just don't feel that it's recognizing the technology that's available today, the degree of security that we can provide and the contextual awareness and ability to integrate these systems to follow the care provider's workflow.
Rhonda CollinsVocera

However, the commission asserted that CPOE is actually the preferred method for submitting orders, as it allows providers to directly enter information into electronic health records (EHR), and because CPOE is a critical clinical decision support tool. The commission said that, after secure CPOE or written orders, verbal orders are the next most preferred method.

So, in effect, the ban on texting CPOE reaffirms the primacy of the EHR infrastructure, which is increasingly adopting mobile order entry platforms, such as encrypted smartphones and tablets, Collins noted.

A few days after the commission decision, healthcare privacy advocate David Harlow also took aim at the CPOE ban in his blog.

David HarlowDavid Harlow

"We permit a whole host of imperfect solutions to be used in the course of delivering healthcare services. I am not sure why the spotlight has been trained so closely on texting," Harlow wrote.

Harlow, however, noted the commission's rationale for removing CPOE from the permitted range of applications for secure texting for physicians.

They include:

  • CPOE texting "may lead to an additional burden on nurses to manually transcribe text orders into the EHR," according to the commission.
  • While a verbal order allows for real clarification and confirmation of a practitioner's order, a texting order is an asynchronous interaction and constitutes an additional step.
  • If a clinical decision support recommendation or alert is triggered during order entry, the person manually entering the order into the EHR may need to contact the ordering doctor for more information. "If this occurs during transmission of a verbal order, the conversation is immediate," the commission wrote. "If this occurs with a text order, the additional step(s) required to contact the ordering physician may result in a delay in treatment."

Collins, though critical of the commission's move, said it was not an overly dramatic step.

"We just went back to what is tried and true," she said. "I think this is going to be in place for a good long while. I don't think we'll see it revisited anytime soon."

The Joint Commission is an independent healthcare accreditation agency that functions as a quasi-governmental body and that focuses on patient safety issues, now in close association with the CMS.

Next Steps

Dangers of unencrypted texting of PHI

Mobile strategies for secure messaging

Joint Commission warns about EHR safety

Dig Deeper on Mobile health systems and devices