Email and Text Messages – How to Comply with HIPAA, CMS, and the TCPA

Despite misinformation peddled on the Internet, HIPAA Covered Entities (Health Care Providers and Health Plans) can use unencrypted email and text messaging to communicate with the individuals they serve. In fact, if individuals prefer unencrypted emails and texts, Covered Entities must agree.

Covered Entities only need to know and carefully follow a simple “3 Step Safeguard” to avoid violating HIPAA administered by the Office for Civil Rights of the U.S. Department of Health and Human Services (HHS) and the TCPA administered by the Federal Communications Commission (FCC).

The U.S. Centers for Medicare & Medicaid Services (CMS) also has a simple text messaging rule that is easy to follow but often overlooked. The same rules apply to HIPAA Business Associates who email or text PHI on behalf of a Covered Entity.

This webinar explains the rules clearly and captures your attention with multimedia and moving graphics. You will see exactly what to do and real-life examples of what not to do displayed on the websites of major, highly respected Health Care Providers.

The key takeaway is how Covered Entities can protect themselves from email and text message HIPAA/TCPA violations – how easy it is to do that.

• Overview – Key Takeaways
  • How HIPAA defines PHI – it’s different and much larger in scope than you may have been told.
  • When You Must Encrypt Emails and Text Messages with PHI.
  • When you must use unencrypted email and text messaging to communicate PHI to individuals.
  • Why this is essential.
• HIPAA Rules for Email & Text Messaging
  • Key Definitions.
  • 3-Step Safeguard – Patient Emails & Text Messages.
• TCPA – the FCC and the Supreme Court.
• When and Why You Must Encrypt.
• Highly Visible Violations.
• Tips for Enterprise-wide Compliance.

Attend this webinar to learn how to comply with HIPAA, TCPA, and CMS Rules for PHI in emails and text messages. You will see how to use and document the “3 Step Safeguard” to protect your organization. And you will learn when emails and text messages with PHI must be encrypted.

• Health Care Covered Entities
  • Health Care Providers.
  • Clinics.
  • Hospitals.
  • Health Care Practices of all types and sizes.
  • Physical, Occupational, and Behavioral Therapists.
• Health Plans
  • Group Health Plan Administrators.
  • Third-Party Group Health Plan Administrators.
  • Health Plan Administrators.
• Personnel
  • Executive Management – all Covered Entities.
  • Compliance Committee – Covered Entity Board of Trustees.
  • Practice Managers – Covered Entities.
  • Chief Compliance Officer – all Covered Entities.
  • HIPAA Compliance Officials – Privacy and Security.
  • Patient Engagement and Marketing Specialists.
  • Patient Outreach Coordinators.
  • Risk Managers.
  • Covered Entity Owners and Senior Management.
  • Compliance Committee – Physician, Practitioner-owned Covered Entities.
  • Attorneys for Covered Entities – In-house and Outside Counsel.
• Vendors and Business Associates  
  • Vendors of Email and Text Message patient engagement services.
  • Billing companies.
  • Collection Agencies.
  • Practice Management Companies.
  • Vendors of patient satisfaction surveys using Email and Text Messages.
  • Health Care Marketing Consultants.
  • Health Care Compliance Consultants.
  • Law Firms.