Compliance programs should keep a sharp eye on all communications

Every word written or spoken in connection with a health care practice presents the potential for risk. At a Wolters Kluwer webinar entitled, Health Care Communication Risks—From a Compliance Perspective, two presenters pointed out various areas of concern and ways for compliance professionals to approach them. Robert Liles, managing partner at Liles Parker PLLC, and Paul Weidenfeld, chief legal officer of Exclusion Screening LLC, spoke from years of experience on topics such as criminal issues, administrative concerns, employment, and documentation.

Text messages

The presenters noted that smartphones, while convenient, have caused countless compliance issues. Communications as seemingly private and innocuous as a text message present a significant risk, as law enforcement can easily obtain information about texts that a service provider might tell a customer is unavailable. One example offered in the webinar told of a dentist who extracted a tooth from a sedated patient while on a hoverboard, then texted a video of the event to a friend; another example came from an office manager who texted her mother to tell her of pulling two teeth from a sedated patient.

Exam recordings

Many states have one-party consent laws for recording communications, and in such states only the party taping the conversation needs to know that it is being recorded. In these states, a patient might record a physician during an appointment or procedure without obtaining the physician’s permission. Such recordings can be used in malpractice cases, such as a recent case during which a physician made disparaging comments during a colonoscopy, before which a patient had started recording the procedure on his phone. The presenters suggested posting specific policies concerning such recordings, recommending language that prohibits use of recording devices unless specifically permitted by the provider.

Reducing risk

The presenters spoke of the seven elements to an effective compliance program identified by the HHS Office of Inspector General:

  • implementing written policies, procedures, and standards;
  • designating a compliance officer and committee;
  • conducting effective training an education;
  • developing effective communication;
  • enforcing standards;
  • conducting internal audits; and
  • responding promptly to detected offenses and developing corrective action.

One important piece of a program is a compliance hotline to allow employees an opportunity to report compliance issues. Employees should be able to do so anonymously, but also be able to provider his or her name with confidence in the organization’s confidentiality. Employees must be assured that they will not be retaliated against for reporting issues in the organization.

AMA preparing to tackle questions surrounding physician-patient texting

Regulators are serious about privacy and violations of the Health Insurance Portability and Accountability Act (HIPAA) (P.L. 104-191), and crackdowns keep providers on their toes. The evolution of technology provides innovative and efficient ways to practice medicine and communicate with patients, but this evolution brings with it new obstacles that can easily trip up a provider who is not paying close attention. At the end of a long day, a tired doctor might send a quick text to a mother who does not want to bring in her sick child if over-the-counter medicines will do the trick, trying to be as accommodating as possible and truly caring for the patient’s well-being. Both mother and doctor will be relieved that an unnecessary trip was avoided, but is this type of communication appropriate?

The American Medical Association (AMA) provides guidelines for providers on issues just like this one, and the AMA House of Delegates will consider expanding its advice on email communications to include text messaging at a June meeting. Although the AMA maintains that a face-to-face meeting is the foundation of a physician’s relationship with a patient, it recognizes that patients and physicians may prefer text message communications in various settings.

Considerations when texting

As expected, the AMA’s first basic standard of engagement to consider is HIPAA. The Board of Trustees (BOT) recommends discussing obligations under HIPAA’s Security Rule with both information technology (IT) staff and legal counsel. This rule requires that entities transmitting electronic protected health information (ePHI) ensure that these transmissions are confidential and secure. The AMA provides an educational tool to assist providers in achieving compliance with the rule, and HHS offers advice on protecting ePHI when using cell phones.

Providers should keep in mind potential differences in communication with patients, as opposed to colleagues. While doctors and nurses in the same office may think nothing of texting one another, a patient needs to consent to communication. Current guidance indicates that a patient’s initiation of a text conversation may serve as consent, but some providers might obtain written consent that acknowledges risks in such transmissions. Patients should be reminded that security is not guaranteed and that privacy can be breached as easily as someone they know using their phone and seeing a text.

Boundaries

In addition to consent and security issues, the AMA raises several points more along the lines of etiquette but that must be approached within the patient-physician relationship framework. A physician should establish boundaries with patients, such as establishing reasonable response times and appropriate times of day for texting. Additionally, extensive conversations are not recommended, and if a patient requests a lengthy explanation the physician should request that the patient come into the office.

When texting, the AMA recommends keeping a formal tone, cordial but refraining from using jokes, emoticons, or emotionally charged or sarcastic speech. The recommendations even extend to ending texts with the physician’s full name and business affiliation, accompanied by a request to acknowledge receipt of the message. Although it may seem obvious, the AMA also reiterates refraining using identifying information such as name or Social Security number and keeping text records.