Join Today!

Communications & Data Management Policy

 

Purpose

This policy establishes the terms, conditions, and communication for sending SMS messages to patients at Claremedica. This policy outlines acceptable practices for communication related to a patient’s healthcare, ensuring patient privacy and compliance with legal requirements. The purpose of this policy is to protect patient privacy while improving communication related to their care. Claremedica is committed to ensuring that SMS communication with patients is conducted in a secure, compliant, and effective manner.

Scope

This policy applies to all team members, contractors, vendors, and other agents (together, “workforce members”) of Claremedica Health Partners, LLC, its subsidiaries, and affiliates (together, “Claremedica”). This policy is applicable to all departments, and third-party vendors engaged in sending SMS messages to patients related to their healthcare services including but not limited to text messages related to visits, account, one-time passcode notification, billing notifications, prescription reminders, and care management. Patient information used for text messaging will not be shared for marketing purposes.

Policy

Claremedica is committed to protecting patient privacy. This policy has been designed to ensure patient confidentiality, data security, and compliance with State and Federal regulations such as but not limited to HIPAA (Health Insurance Portability and Accountability Act) and TCPA (Telephone Consumer Protection Act). Texting patient information is permissible if accomplished through a secure texting platform (STP) and as mandated by federal and state laws.

Procedure

Patient Consent

  1. Obtaining Consent – Before sending any SMS/MMS text communication, Claremedica, must obtain explicit consent from the patient. The patient will be informed about the types of messages they will receive, the frequency, and the option to opt-out at any time, please refer to the “SMS Terms and Conditions” notice (see Attachment A) which will be made available online through the Claremedica.com website and will be made available through other forms of communication.
  2. Consent Methods
    • At the point of patient registration (online or in-person).
    • Via a consent form or in the patient portal.
    • Patient consent can be withdrawn at any time by the patient, either by replying to the SMS message with “STOP” or contacting the Claremedica customer service department.

Types of Communication

SMS/MMS will be used for the following purposes related to a patient’s healthcare including but not limited to:

  1. Appointment Reminders – Notifications regarding scheduled appointments, cancellations, or rescheduling.
  2. Prescription Refills – Notification of prescription status, reminders, or instructions for refills.
  3. Billing and Payment Reminders – Information related to billing, payment due dates, and account status.
  4. Account Notifications – The patient may receive notifications relating to their account.

Data Privacy and Security

  1. HIPAA Compliance: All SMS communications will comply with the Health Insurance Portability and Accountability Act (HIPAA). Sensitive patient health information (PHI) will not be shared via SMS, and care must be taken not to include any personal health details in the messages.
  2. Message Encryption: SMS messages containing any sensitive information will use secure, encrypted messaging services where possible. In cases where SMS cannot be encrypted or secured, information shared will be limited to appointment reminders, general notifications, and billing details only, and will not include protected health information (PHI).
  3. Data Storage: Patient consent for SMS communication will be recorded and securely stored in Claremedica’s electronic health record (EHR) system.

Opt-Out Process

  1. Easy Opt-Out: Patients have the right to opt out of receiving SMS messages at any time. To opt out, patients can reply “STOP” to any SMS message or may contact Claremedica’s customer service department. Opt-out requests will be processed immediately, and the patient will no longer receive non-essential SMS communication(s).
  2. Opt-In Confirmation: Once the patient opts in, Claremedica will send a confirmation message stating that they are now enrolled to receive SMS communications.

Message Content Guidelines

  1. Clear and Concise: SMS messages must be brief, clear, and to the point. They should include necessary information such as the appointment date, time, location, and any required actions by the patient.
  2. No Sensitive Health Information: Avoid including any sensitive health information, such as diagnosis, treatment plans, or test results, in SMS messages. Any communication regarding a patient’s personal health will be conducted via more secure methods (i.e., the patient portal, by phone, or via telehealth).
  3. Identification and Transparency: All SMS messages sent to patients should clearly identify Claremedica as the sender and include contact information (i.e., customer service department phone number) for any questions and/or concerns.

Frequency of Communication

  1. Message Frequency: SMS communications will be limited to the essential information necessary to maintain the patient’s care and will not exceed a reasonable frequency.
  2. Timing: Messages will be sent during business hours, typically between 8:00 AM and 6:00 PM Monday through Friday, unless urgent communication is required.

Legal and Regulatory Compliance

Compliance with Regulations: All SMS communications will comply with relevant regulations, including but not limited to:

  1. HIPAA: Health Insurance Portability and Accountability Act – Ensuring privacy and confidentiality of patient information.
  2. TCPA (Telephone Consumer Protection Act): Ensuring that SMS communications follow the regulations for automated messaging systems.
  3. CAN-SPAM Act: Ensuring that SMS marketing, if used, adheres to anti-spam laws.

Monitoring and Auditing: Claremedica will regularly audit SMS communication practices to ensure compliance with this policy and applicable federal and state laws.

Staff Training and Responsibilities

  1. Training: All Claremedica team members responsible for sending SMS communications will receive training on HIPAA compliance, the importance of patient consent, privacy and security, and the proper use of SMS as a communication tool.
  2. Accountability: All Claremedica “workforce members” must adhere at all times to this policy when using SMS to communicate with patients. Any violations of this policy should be reported to management immediately.

Patient Notification: Any changes to the SMS Communications Policy that may affect patients will be communicated to them through appropriate means, such as a notification via SMS or a message in the patient portal.

Enforcement

  1. Non-Compliance: Any violation of this policy will be investigated, and appropriate corrective actions will be taken, including retraining, disciplinary action, or termination, depending on the severity of the violation.

Definitions

SMS: “SMS” text message is a short text message sent between mobile devices using the Short Message Service. SMS is a standard way to exchange text messages over cellular networks.

Exceptions

N/A

Reference(s)

N/A

Attachments

Attachment A: SMS Terms and Conditions
Attachment B: Patient SMS Communication Consent
Attachment C: SMS Privacy Policy
Attachment D: Notice of Privacy Practices