While SMS cannot be fully guaranteed to be HIPAA-compliant, it’s a good idea to look for business SMS providers that follow HIPAA-compliant best practices, like TextUs.
We highly encourage healthcare entities that utilize SMS to adhere to the same practices in communicating as they would with other mediums like email or phone. As with other industries that use text messaging, proper opt in management is critical and healthcare providers must ensure that patients have opted in to receive texts. Additionally, we recommend that if a provider needs to share sensitive information via text, to not do so within the message body, but rather share a link to a secure portal hosted on your own platform where this information resides securely. These best practices ensure healthcare entities can benefit from the real-time communication that SMS provides, while remaining HIPAA-compliant.