25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Lifting of Joint Commission Ban on Secure Text Orders Delayed until Fall

Posted By on Jul 18, 2016

The lifting of the Joint Commission ban on secure text orders was welcomed by healthcare organizations and secure messaging providers; however, the ban is now back in place. Text orders cannot currently be sent, even if a secure messaging platform is used.

Joint Commission Ban on Secure Text Orders Lifted Only for a Month

The lifting of the Joint Commission ban on secure text orders was announced in the May Perspectives newsletter, although the June Newsletter explained that organizations wishing to use a secure messaging platform must first be provided with further guidance to help them incorporate the texting of orders into their policies and procedures.

The May Perspectives newsletter explained that “effective immediately” the Joint Commission ban on secure text orders was lifted. The newsletter explained that in order for healthcare organizations to start using text messages to transmit orders a number of conditions needed to be satisfied.

Standard text messaging platforms could not be used due to the risk of data being intercepted. The texting of orders would only be permitted if a secure text messaging platform was adopted. That platform needed to incorporate a secure sign-on process to ensure that only the intended recipient would be permitted to read the message and only authorized individuals would be allowed to transmit orders.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

All text messages would need to be protected with end to end encryption and read and delivery receipts must be supported. Messages would need to be time and date stamped and the platform must allow customized message retention time frames to be set. The secure messaging platform must also allow contacts lists to be created to ensure that messages could only be sent to individuals authorized to receive messages and record orders.

The lifting of that ban lasted only a month. The ban is now back in place pending the release of new guidance. The Joint Commission and Centers for Medicare & Medicaid Services (CMS) will be developing new guidance documents for healthcare organizations over the next few weeks.

Secure Text Orders Will Be Permitted Later This Year

Until the guidance has been issued, the Joint Commission ban on secure text orders will remain in place. The CMS will be working with the Joint Commission over the next few weeks to produce the document to “ensure congruency with the Medicare Conditions of Participation.”

The guidance, which will take the form of a document of Frequently Asked Questions (FAQs) and will be published by the end of September 2016.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist