- It is important to take steps to protect patient privacy when communicating with patients by telephone and SMS messaging.
- Always seek and document the patient’s consent before contacting them by telephone or SMS.
- Have clear policies and procedures in place for telephone calls, including leaving messages, and SMS messaging to help
avoid privacy breaches.
Patients need to be able to contact the practice easily to make
appointments and provide and receive information. You also
need to know how to contact your patients quickly, especially
when an urgent situation arises.
Ensure that you provide options for patients to be in contact
with the practice, so they can choose the method that best suits
them and are not disadvantaged by, for example, a lack of access
This factsheet explores short interactions and messages with
patients. There is a separate factsheet that covers consultations over the telephone and email communication with patients.
Telephone calls with patients
Patients usually provide their best contact details when
registering with the practice for the first time. This should be
recorded clearly in the patient’s record and routinely (ideally
each visit) checked with the patient that it is current.
You can also clarify with a patient during the consultation their
preferred contact method for follow up, particularly for a time
sensitive result. This should be noted in the patient’s file and
followed when the results become available.
A patient’s confidentiality can be breached simply by it
becoming known they are seeking medical care. This can make
it tricky to know when and how to leave messages if you can’t
reach the patient.
If you use the details the patient has provided, then, it is
reasonable to leave a short message asking the patient to
contact you or the practice. This can be left on their personal
voicemail service or with someone else who answers that
number. No detailed information or results should be included
in the message; just a name and return contact number. You
should then document this in the patient’s record.
The use of text messages for recalls and reminders has increased
in medical practices due to:
- Patient demand – patients find it convenient to receive
messages on their phones and are more likely to respond to
a recall or reminder SMS message than a letter.
- Efficiency – a patient’s mobile phone number is increasingly
becoming the most reliable contact information held in a
patient’s file as it does not need to change when their other
details might. It is also an instant form of communication.
- Cost – the cost of a text message is lower than the cost
of a letter.
- Technology – many electronic health record and online
appointment systems provide an easy way of sending
and recording SMS messages. There is an option in some
systems to receive a ‘read’ stamp, confirming the patient has
read the message.
If the whole or part of the purpose of the reminder SMS is to
advertise or offer goods or a service at the practice, you must
comply with the Spam Act (Cth) 2003.
In this circumstance the SMS message must:
- clearly and accurately identify the organisation that
authorised the sending of the message
- include accurate information about how the recipient can
readily contact the organisation
- contain a functional and clearly presented unsubscribe facility.
Have a policy
Having clear policies and procedures for how and when you
will contact patients and how they can contact you helps to
set expectations early. The policy can outline the ways you will
communicate with patients, and any methods not used and in
what circumstances. It also helps to address how patients are
best to contact you depending on their needs.
A staff policy helps as well, to set internal expectations of staff
and to guide training such as how to triage incoming calls and
to document any calls appropriately.
To encourage consistent use of the system in relation to SMS
messaging, the policy should cover:
who is authorised to send, receive and respond to
- how messages are recorded in the electronic health records
- what information may be included or not included in an
- how patient consent is obtained and documented
- whether SMS messages are sent offering goods or
- what checks are made to verify the patient’s mobile
telephone number is up to date and accurate.
1. Obtain and document consent
Your practice should record the patient’s preferred contact
details when they first join the practice.
If you use SMS messages, you should inform patients that these
are used as a reminder service for appointments and recalls. This
Just because patients have provided a mobile phone number
does not automatically mean they agree to receive SMS messages.
Your practice should obtain the patient’s consent to receive SMS
messages and the mobile number to use for the messages:
- in the patient registration form for new patients
- when confirming an appointment for existing patients
- through an online appointment or registration portal.
2. The patient’s contact details should be checked on
a regular basis.
Routinely check with patients that their contact details remain current.
Do this in a way that also respects their privacy. Ensure you also record
any limits on the way the patient is happy to be contacted.
Where patients do not consent to be contacted by text
messages this should be clearly documented to ensure that this
does not occur.
3. Limit the information contained in messages
All messages for patients should be limited so that the risk of
sensitive information being accessible to anyone else is reduced.
Messages should not contain sensitive health information
such as a description of particular test results that need to
be followed up or the results of such tests (unless the patient
expressly consents to this). The message should simply request
that the patient contact the practice, as well as indicate (where
appropriate) the level of urgency.
It is reasonable to send reminders about generic preventative
screening tests (eg. cervical screening tests, skin checks, flu
vaccines) as part of a practice’s preventative care role. However,
it is best not to include the detail for the reminder but rather
refer generally to a repeat screening test and a message to ring
the clinical for more detail. Some systems allow you to send a
link and the patient then logs in to obtain further details.
4. Implement a system for following up patients who
do not respond
When recalling patients for test results the same principles apply
to phone or SMS messages as for following up any test results.
The extent to which patients are followed up will depend on the
level of urgency and the clinical significance of their test results.
See Avant's follow-up factsheet for more information.
In the case of routine preventative health reminders, it is
generally not necessary to continue to follow up patients as they
may have decided not to have a test performed at the practice.
5. Document all messages in the patient’s record
All telephone calls and messages form part of the medical
records, as do SMS messages. A note needs to be made of the
time and date of the call and what was included in the message.
SMS messages need to be included in the patient’s record.
Some electronic health record systems do this automatically.
You can find additional resources including articles, podcasts
and webinars in the Avant Learning Centre under technology
or communication headings.
Office of the Australian Information Commissioner,
Guide to Securing Personal Information and OAIC Notifiable data breaches report July-December 2019
Royal Australian College of General Practitioners, Text messaging in general practice
RACGP standards 5th edition