Communicating with patients by unencrypted email and text message (SMS) about a variety of topics (appointment reminders, patient satisfaction, etc.) is growing dramatically. The HIPAA Rules for sending Protected Health Information (PHI) by electronic messages have been clarified. But most Providers and Business Associates are not following the HIPAA Rules.
Why Should You Attend
There are widespread violations of the HIPAA Rules for communicating with patients by unencrypted email and text message - largely because Providers and Business Associates just don´t know the rules. These HIPAA Rules are clear and easy to follow but you are at great risk and directly liable for breaking them.
A simple appointment reminder is, by definition, PHI even though it may not contain diagnostic specific information. So are Happy Birthday wishes, reminders that a patient is overdue for a check-up or has an outstanding balance on a bill.
You must know how you can maximize your use of key patient communication tools while protecting yourself and your organization from government penalties and patient lawsuits.
Health Care Providers have a mandatory "duty to warn" patients of risks associated with unencrypted email. A patient may refuse to receive unencrypted emails after being warned. Home Health Care Providers and Business Associates must strictly follow the patient´s restriction.
There is a HIPAA "safe harbor" that frees you from:
Responsibility for unauthorized access of a patient´s PHI during transmission and
Responsibility for safeguarding PHI delivered to the patient
Don’t be the Provider or Business Associate that finds itself in serious trouble simply because you didn’t follow the HIPAA Rules for unencrypted electronic communication with patients!
Areas Covered in this Webinar
This webinar focuses on HIPAA Rules for transmitting informational email and text messages to patients over an electronic communications network.
You will learn:
The information that makes a message subject to HIPAA
The "safe harbour 401k" - How Health Care Providers may obtain consent from patients to send PHI in unencrypted email and unencrypted text messages and not be responsible for unauthorized access to the PHI in transmission or when received by the patient
What a Health Care Provider must do if a patient does not agree to receive PHI in unencrypted email or unencrypted text message
The requirements for a Business Associate to be able to communicate by email or text message with a patient on behalf of a Health Care Provider
How a Business Associate may protect itself from liability for violating HIPAA Rules about email and text messages in its Business Associate Agreement
What a Health Care Provider must do if a patient does not agree to receive PHI in unencrypted emails or text messages
How Health Care Providers and Business Associates may prove they are compliant with the HIPAA Rules through documentation
The Policies and Procedures Health Care Providers and Business Associates must have in place to comply with HIPAA Rules concerning communication with patients through email and text message
More and more patients like the convenience of email and text message
The HIPAA "safe harbor" - how you can communicate with patients in the way they prefer and protect your organization
How Health Care Providers and Business Associates can work together to avoid violating HIPAA Rules about email and text message communications with patients
Who Will Benefit
HIPAA Compliance Officials
Marketing / Patient Relations Managers
Health Care Practice Managers
Information Systems Managers
Paul R. Hales, J.D. is an attorney at law in St. Louis, Missouri whose practice has included specialization in the HIPAA Privacy and Security Rules from the dates they became effective. He provides assistance and counseling on the new, more demanding compliance requirements of the HITECH modifications to HIPAA. Mr. Hales is licensed to practice before the Supreme Court of the United States, Federal Appellate and District Courts, the State Courts of Missouri and is a graduate of Columbia University Law School.