CMS bans use of texting by doctors to place medical orders
In a recent memo, the Centers for Medicare & Medicaid Services has outlined a position that the texting of medical orders by physicians is not permissible.
The position was outlined in a late December memo to state survey agency directors from the head of CMS’ Center for Clinical Standards and Quality/Survey and Certification Group.
The guidance from CMS states that the texting of patient orders “is prohibited regardless of the platform utilized,” and the computerized provider order entry (CPOE) “is the preferred method of order entry by a provider.”
However, the document does allow the texting of patient information among members of a healthcare team, saying it’s permissible if it’s done on a secure platform.
The memo’s rationale suggests that CPOE is preferred because using electronic systems to document orders is important in maintaining a record of all procedures ordered for a patient.
“The practice of texting orders from a provider to a member of the care team is not in compliance with the Conditions of Participation or Conditions for Coverage,” the memo states.
In terms of compliance, texted orders do not meet the requirement that a hospital must maintain a medical record for each inpatient and outpatient. “Medical records must be accurately written, promptly completed, properly filed and retained, and accessible,” CMS notes. “The hospital must use a system of author identification and record maintenance that ensures the integrity of the authentication and protects the security of all record entries.”
CPOE is preferred because its use enables medical order information to be included in patients’ electronic medical records and thus be “dated, timed, authenticated and promptly placed in the medical record.”
In permitting texting to communicate information among medical team members, the memo notes that the practice “has become an essential and valuable means of communication among team members.” For such texting to be compliant with regulations, providers must use platforms that are secure, encrypted and that otherwise minimize risks to patient privacy and confidentiality, to meet HIPAA regulations and Medicare participation conditions.