Few messaging apps on mobile devices have sign in/out requirements and for this reason they do not safeguard information and therefore do not comply with HIPAA requirements. If a mobile device is lost or stolen there is risk that messages containing PHI may be made public.
Simply, sending a Text or Email carries risks because these messages may be viewed by people other than the intended recipient. For these reasons Personal Health Information is not advised in Phone messages, Texts or Emails as there is no way to fully guard against interception of messages or loss of devices.