Yes, when it contains Protected Health Information (or PHI)
THE HIPAA Security Rule and SMS Messages
Many healthcare organizations are confused about using text messages and whether SMS texting violates HIPAA Rules. Part of the confusion is that there is no specific mention of SMS text messages in HIPAA. However, HIPAA Rules do cover electronic communications, and therefore these rules apply to SMS messages.
As for whether SMS texting is a violation of HIPAA Rules, that would depend on the content of the messages, to whom the messages are sent, and – in the case of texting patients – whether consent has been obtained to send information via an SMS network.
There is nothing wrong per se with physicians using text messages to communicate with other healthcare professionals and care teams. Texting is a quick and easy form of sending short messages. Texting doesn’t rely on the recipient of the message being available at the time the message is sent. The message will be waiting for them when they become available.
However, SMS texting is a violation of HIPAA Rules if the text messages contain any protected health information for which a patient had not given their consent. If personal identifiers are included in the messages without permission of the patient, along with any data that falls under the classification of PHI in HIPAA Rules, physicians will likely be violating HIPAA.