For most of us, there likely isn’t a day that goes by that we don’t send or receive texts from family, friends, or businesses we frequent. That’s because texting has largely replaced most phone calls. We live in a fast-paced world where people are busy and don’t have time for calls and voicemail messages. With texting being fast, easy, and convenient, why would you want to communicate any other way? Consider these facts about texting:

  • 98% of U.S. adults own mobile devices.
  • Americans check their phones 47 times per day on average.
  • 95% of text messages are read and responded to within 3 minutes of being received.
  • SMS text messages have a 19% click through rate (CTR) compared to 4% for emails.
  • 90% of customers (including healthcare consumers) prefer text messages over direct phone calls.

The story isn’t much different when it comes to patients wanting healthcare practices to use texting. Most patients expect to be able to exchange text messages with their dental, vision, and medical offices. And statistics back it up:

  • 85% of patients prefer receiving texts over a phone call or email.
  • 86% of patients ages 50–69 say texting has overtaken email as their preferred communication tool.
  • 86% of practices say text messaging improves the patient experience and 81% say it improves patient outcomes.

But what actual benefits do practices get from texting? Just as importantly, is text messaging HIPAA compliant? Let’s take a closer look at how texting can save your practice both time and money and also ensure those messages are kept private, secure, and HIPAA compliant.

What are practices’ benefits from a text-first approach to patient communication?

While texting is clearly most patients’ preference, there’s also a slew of advantages to using a text-first messaging platform. Some of these include:

  • Texted appointment reminders are more likely to be opened by patients, helping increase confirmations and lower no-shows. Patients can easily respond to reminders to cancel and reschedule the appointment.
  • You can save valuable staff time and minimize manual workloads with a patient messaging platform to automate reminders, recall notifications, and other messages. This helps you book more appointments and increase revenue.
  • Text messages can be sent from virtually any location, including via text solution’s mobile app.
  • Texting is a much more efficient and cost-effective way to communicate than emails or phone calls. An average phone call takes 4–8 minutes while sending a text only takes 30 seconds.
  • Two-way texting allows patients to reach practice staff in real time with questions or to reschedule without increasing incoming calls.

Is patient texting HIPAA-compliant?

The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that requires the creation of national standards to protect sensitive patient health information from being disclosed. The HIPAA security rule requires appropriate safeguards be implemented to ensure the privacy of protected health information (PHI). This includes any individually identifiable patient information transmitted or maintained in any form or medium by a covered entity (you) or a business associate (a patient messaging vendor).

Absent proper security features and protections, your patients’ PHI data contained in texts can be intercepted, stolen, and accessed by unauthorized individuals. Violations of HIPAA regulations (knowingly or unknowingly) can result in penalties and costly fines for your practice up to $50,000 per violation.

To be clear, HIPAA rules don’t prohibit practices from sending text messages to patients. But SMS texts that contain PHI lack the necessary safeguards and controls to be HIPAA compliant. So, the short answer is patient texting is not considered HIPAA compliant when it contains PHI—unless you’ve implemented the proper technical safeguards and controls. And while most patient texting software and instant message platforms like Whatsapp have end-to-end encryption, most require these additional features to keep PHI private, secure, and HIPAA compliant.

What features and capabilities does my solution need in order to be HIPAA compliant for text messaging?

You’ll want to verify that the text messaging platform you adopt has the technical features and functionality key to HIPAA compliance:


  • End-to-end encryption: This helps prevent text messages from being intercepted in transit or in storage. It’s one cog in the wheel of securing patients’ PHI.


  • Access controls: A closed texting platform with login credentials helps ensure messages can only be sent, received, and viewed by authorized patients and staff. It should also allow you to implement audit capabilities.


  • Minimum amount of PHI: Best practice is to only include the minimal amount of PHI necessary in patient texts to clearly convey your message. For example, a digital appointment reminder tool limits PHI in message content so that only the appointment date, time, location and the name of your practice is included.


  • Consent tool for standard two-way texting: A patient may text your practice with a question that would necessitate disclosing their PHI. A built-in HIPAA consent tool in your messaging solution lets you reply that the messaging may not be secure and request the patient’s consent before proceeding. You can then either continue the conversation if permission is granted or direct the conversation offline to a phone call, email, or in person discussion to ensure their PHI is protected.


  • HIPAA business associate agreement: Be sure to sign a business associate agreement with your messaging software vendor. This gives your practice written assurances that the vendor will adequately protect PHI and sets limits on how much information will be exchanged.

Key Takeaways

A modern patient communications platform with built-in features to support HIPAA-compliant texting helps protect PHI and gives you faster, more cost-effective communication. Improve your productivity and quality of care while offering patients shorter wait times and better continuity of care. Give your patients convenient yet secure options to coordinate their appointments while boosting productivity, reducing operational costs, and increasing monthly revenue.


For more details on how to keep your patient messaging HIPAA and regulations compliant, download the guide, “Become a Text and Email Compliance Guru.”




Read the Guide