PURPOSE: To establish policy that governs the exchange of digital messages between patients and research subjects and personnel in UAB Covered Entities, as defined below. Digital messaging with patients and research subjects must maintain appropriate confidentiality while permitting communication that enhances their experience by providing timely, accurate information regarding care.
SCOPE: This policy applies to all UAB Covered Entities (School of Dentistry, School of Health Professions, School of Medicine, School of Nursing, School of Optometry, Joint Health Sciences Departments, School of Education Community Clinic, UAB Office of Benefits, and other UAB entities that may be added from time-to-time) and to the following UABHS Covered Entities: UAB Hospital, The Kirklin Clinic of UAB Hospital, The Kirklin Clinic of UAB Hospital at Acton Road, Callahan Eye Hospital and Callahan Eye Hospital Clinics, UAB Health Centers, Medical West, VIVA Health, Inc., the University of Alabama Health Services Foundation, Ophthalmology Services Foundation, Valley Foundation, and other UABHS managed entities that may be added from time-to-time. For purposes of this policy, UAB and UABHS Covered Entities shall be collectively referred to as “UAB.”
DEFINITIONS:
A. Digital messaging: The exchange of information in digital (electronic) format using fixed, mobile, and/or wearable devices such as desktop computers, laptop computers, smartphones, tablets, and watches. B. Text messaging: SMS (Short Message Service) text communication provided by cellular telephone carriers, as well as proprietary and non-proprietary communication via applications provided by mobile device manufacturers and third-party vendors. C. Secure text messaging: Text and/or multimedia communication applications that incorporate appropriate encryption and other safeguards that are vetted and approved by UAB Medicine Information Security. D. E-mail (electronic mail): Digital messages containing text and/or multimedia that are sent and received over computer networks using specialized client software or web sites. E. Patient Portal: UAB Medicine’s secure portal for exchange of information between patients and caregivers. F. Protected Health Information (PHI): Health information, including demographic information collected from an individual and created or received by a health provider, health plan, employer, or health care clearinghouse that relates to the past, present, or future physical or mental health or condition of any individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual, and that identifies an individual or there is a reasonable basis to believe the information can be used to identify the individual and that is transmitted or maintained by electronic media or any other form or medium. PHI does not include individually identifiable health information in education records covered by the Family Educational Right and Privacy Act and employment records held by a covered entity in its role as an employer. POLICY:A. Patient permission regarding desired communication methods: Digital messaging with patients and research subjects shall not be used without their explicit consent. Such consent may be revoked at any time.
B. Messages that contain PHI: Transmission of digital messages that contain PHI between UAB personnel and patients shall be done via the Patient Portal unless the patient has explicitly consented to an alternative,secure method approved by UAB Medicine or there is no alternative to prevent injury or death.
C. Messages that do not contain PHI: Digital messages that do not contain PHI, such as information regarding appointment times/locations, shall be permitted if consented to by patients and research subjects. However, UAB personnel shall be sensitive to the possibility that messages to patients and research subjects may disclose information about their medical condition even if PHI is not included.
D. Messages that contain information regarding patient management: Digital messages that contain management instructions (including, but not limited to, instructions to initiate, change, or cease over-the-counter or prescription medications and guidance regarding non-pharmacologic therapy) shall not be transmitted via e-mail or text messaging unless no alternative is available, regardless of whether or not the messages contain PHI.
E. Response to communication initiated by patients: Patients who send digital messages to UAB personnel using text messaging, e-mail, or other non-secure methods shall be directed to use the Patient Portal or an alternative, secure method approved by UAB Medicine, unless there is no alternative. |
