Health Information Compliance Alert

Security:

Are You Taking the Right Steps to Protect Your E-Mail PHI?

Document patient consent for e-mail messages and keep this on file, experts advise.

If you use e-mail as a form of communication with patients, you could be risking protected health information (PHI) violations if you're not taking all the right precautions.

E-mail does make your communications with patients much easier since a message shot through cyberspace reaches the intended recipient faster than phone calls and letters.

However, the convenience and speed of e-mail come with a price: someone other than the patient could read the e-mail and spread the word about sensitive medical conditions, such as HIV test results or malignancies.

Our experts offer advice on putting controls in place to safeguard PHI before sending any e-mails to patients.

Reduce Risks With E-mail Routine

A medical office employee should follow a few simple rules for every single e-mail she sends, regardless of whether the recipient is a patient, vendor or insurance rep, advises Gwen Hughes with Care Communications in Chicago. That way, you will be sure to protect sensitive information whenever it pops up in an e-mail.

Before you send an e-mail from your medical office, Hughes recommends:

• checking for encryption software. You should protect each message with some sort of guard against hackers.

• putting a confidentiality disclaimer at the end of the office e-mail template. If you are stuck on how to begin your generic e-mail confidentiality disclaimer, see "Craft Your Own E-mail Disclaimer: Here's How" in this issue.

• asking the patient if he understands the concept of e-mail. Even some people with e-mail accounts (especially older patients) will have trouble with the intricacies of e-mail. Don't assume that patients know how e-mail works.

• being trained in e-mail PHI. If you don't know how to protect patient PHI in e-mails, you're better off having someone else send the message.

• forwarding patient-identifiable information to a third party only if you have the patient's authorization to do so.

You should never e-mail extra-sensitive PHI, warns Hughes. There are some things you should not print in an e-mail, such as the results of an HIV test or messages relating to psychiatric illness, substance abuse, and domestic violence.

Exactly what types of info are too sensitive to e-mail will depend on the practice. If you're unsure about a piece of info, it's worth checking with a doctor or nurse to see if you should be e-mailing it.

Hard Copies Provide Solid Evidence

Print a hard copy (or save a separate computer file) of each patient-office e-mail you send. That's the most practical method of protecting the office's interests when sending e-mails. Then, if there is any question about an e-mail, you can easily reference it.
