Six Recommendations to The Joint Commission for Orders by Secure SMS

In the May 2016 edition of The Joint Commission Perspectives, TJC ended its previous ban on text messaging for healthcare providers. At that time, though prior data privacy and security concerns had been addressed, The Joint Commission (TJC) still had concerns about SMS orders within secure text messaging systems. On Dec. 22, TJC issued a clarification to its previous ruling on clinician orders sent by secure messaging. After consulting with Centers for Medicare & Medicaid Services (CMS), The Joint Commission indicated that orders through SMS were not acceptable. TJC noted that it was likely errors would occur.

The statement specifically noted transcription errors by under-qualified staff and communication inefficiencies introduced by SMS. The contraindicated workflow in the report would involve a clinician sending a message which another staffer would enter into the CPOE module. An example of the message would be, “Mark Olschesky, Ibuprofen 200mg, QID, NOW.”

As someone who installed CPOE in both inpatient and outpatient settings in my career, I think this ruling is pragmatic and correct. The Joint Commission has been very prescriptive on its recommendation for the reduced utilization of verbal and written orders in the wake of widespread CPOE adoption. Don’t think that this makes TJC patsy to big HIT either; they previously published a Sentinel Event on the dangers of CPOE itself in 2008.

CPOE feels complicated because it is complicated.

While the process of ordering and order entry may seem simple on the surface, in which the orderer decides the patient needs “x” and they should get that, it’s the perfect example of how many problems in digital health are long-tail problems. Order requirements can vary based on:

  • Patient setting: inpatient, outpatient, inpatient in an outpatient setting
  • Age
  • Who is placing the order
  • Academic setting
  • Type of order, and types of order within that type of order
  • Physical location
  • Etc.

It also doesn’t account for how many other computer systems orders need to be routed to. While I’m extremely sympathetic to clinician pleas for a simpler digital workflow (I think we could definitely design CPOE with better UX), part of the reason that CPOE feels complicated is because it is complicated. To build a lacking CPOE module outside of the EHR would add to complexity, required training and liability overhead within an organization.

However, that does not mean that I think order entry from secure messaging or other applications is absolutely impossible. There are effective stand-alone app order entry workflows, given that the app has enough information about the patient. The key to the availability of this data is the application’s capacity for interoperability. To follow are the requirements I would recommend to TJC in order to allow a messaging application to place orders.

6 recommendations for TJC.

  1. Require positive patient identification by the ordering user. It’s not enough to order something for a “John Smith.” The user should positively identify the patient through an EMPI query from the HIS system. Bonus points for visual ID through patient photos facilitated through the EMPI lookup.
  2. Pull pertinent patient information into the messaging application for clinician review before ordering. The messaging application should be able to consume either a CDA-formatted document or FHIR resources to evaluate medical necessity and to perform a basic overview of relevant patient data before ordering. At a minimum, clinicians should review the patient’s current medications, allergies, recent and visit orders, problem list, and visit diagnoses before placing an order.
  3. Users choose from a limited subset of orders which are routinely vetted by pertinent personnel within the organization. Letting a clinician order anything via messaging orders is too broad. However, a restricted list of orders and ordering scenarios would increase efficiency and reduce the likelihood of secure messaging ordering being ruled out for its operational complexity. Once again, the clinician can revert to CPOE or verbal orders in the event that the ordering workflow necessitates a more precise tool. The goal here is to save clinician time for simple orders at the balance of maintaining the patient safety guide rails put in place by CPOE and hospital verbal order policies. This step requires the messaging application to map orders to discrete systems, either standards-based (LOINC, RxNorm, NDC) or hospital-specific.
  4. Integrate with external CDS systems for medical necessity and medical interaction checking. Using the data acquired above, the messaging application should be able to query an external CDS vendor to display any pertinent drug and necessity checks to the orderer. Alert fatigue should be less likely since a minimal list of orders can have a more finely tuned subset of CDS logic to streamline the ordering process.
  5. Push the order to the appropriate downstream system. While the EHR can be seen as a monolithic piece of infrastructure, sometimes it is a sum of many parts. Medications need to go to pharmacy software, labs to an LIS, radiology diagnostics to an RIS, discharge orders to bed planning software, etc. Some EHRs can adjudicate this process while other applications may be required to manage the order transmission logic. The timeliness of orders is pretty much always required, so the application needs a mechanism that has mission-critical SLAs.
  6. Document any clinician documentation leading to the prescription in the messaging application in the EHR. Rationale is important. If there is any patient-centric discussion that lead to an order, it needs to eventually get back into the legal medical record so that it can be reviewed by other clinicians prior to dispense or administration.

These steps are challenging, but they are required. While the idea of facilitating all of this required integration can be intimidating, we already have this functionality live in production today on Catalyze Redpoint. These lessons apply directly to secure messaging, but the requirements would be similar for applications in telehealth, remote patient monitoring, and care coordination. Our team can help you understand how to integrate these systems not only technically, but into your user’s workflow. Need help? Email us at to kick off the process of setting up what it looks like to build basic order entry functionality into your application.