|
Speaker |
Mark R Brengelman |
|
Industry |
Healthcare |
|
Speciality |
HIPAA and Compliance Conference |
|
Available |
All Days |
|
Duration |
60 Minutes |
Description
This informative webinar begins with the most basic questions: Does the HIPAA Privacy Rule permit healthcare providers to use e-mail to discuss health issues and treatment with their patients?
Find out the answer and examine how HIPAA privacy rules allow covered entities and health care providers to communicate electronically, such as through e-mail or texting, with their patients and other health care practitioners, but only provided those health care practitioners apply reasonable safeguards when doing so. This is mandated by federal administrative regulation.
Specifically, certain precautions must be taken when using e-mail to avoid unintentional disclosures, such as checking the e-mail address for accuracy before sending or sending an e-mail alert to the patient for address confirmation before sending the message.
Further, while the HIPAA privacy rules do not prohibit using unencrypted e-mail for treatment-related communications between healthcare providers and patients, other safeguards should be applied reasonably to protect privacy, such as limiting the amount or type of information disclosed through the unencrypted e-mail. The health care practitioner may include the least protected health information in an unencrypted e-mail.
In addition, covered entities must make sure any transmission electronically of protected health information follows the HIPAA Security Rule requirements of federal law.
Patients have the right under the HIPAA privacy rules to request and have a covered healthcare provider communicate with them by alternative means or at alternative locations, if reasonable. For example, a health care provider should accommodate an individual’s request to receive appointment reminders via e-mail rather than on a postcard if e-mail is a reasonable alternative for that health care practitioner or provider to communicate with the patient.
However, if unencrypted e-mail is unacceptable to a patient who requests confidential communications, other means of communicating with the patient, such as by more secure electronic methods or by mail or telephone, should be offered and accommodated. The patient may also designate a particular e-mail address to use, such as their personal e-mail, not their work e-mail.
Patients may even communicate with a health care practitioner or other provider via e-mail. If this situation occurs, the health care provider can assume (unless the patient has explicitly stated otherwise) that e-mail communications are acceptable to the individual. This is implied consent and implied usage.
If the health care practitioner or other provider feels the patient may not be aware of the possible risks of using unencrypted e-mail or has concerns about potential liability, the provider can alert the patient of those risks, and let the patient decide whether to continue e-mail communications.
Uncertainty exists when faced with strict laws. Erase the fear, uncertainty, and doubt by reviewing how patient consent and communication practices can be updated to allow for specific means of electronic communication.
Further erase the uncertainty, fear, and doubt about what other laws, such as state licensure laws, apply to the confidentiality of patient-protected health information. Review further some examples of specific state licensure laws that apply to electronic communications that may be stricter than even HIPAA itself.
This webinar is thus an advanced overview of the many rules, both by HIPAA at the federal level and in state licensure laws, that govern e-mailing and texting with patients and with other health care practitioners.
Learning Objectives
Background
The background to this topic is the basic requirements of medical confidentiality, protected health information, and HIPAA privacy in doctor-patient communication.
Why Should You Attend
While the basic provisions of privacy for protected health information are well known, their application in today’s world of electronic and personal communication devices is complex – such as texting, emailing, and using personal devices such as smartphones and tablet computers. In addition to HIPAA rules, various state licensure laws exist to require confidential information be kept confidential.
This is more important than ever in our new work-from-home and mobile society.
Many security rules regarding protected health information involve how and when protected health information is to be kept confidential and not accessible to others outside of direct patient care. But what is protected health information? Can communications not involving such protected health information be transmitted by non-confidential and non-secure methods? Is even a patient's name protected health information?
The ability to text or e-mail healthcare practitioners and other staff and patients has become a priority for many healthcare entities and practitioners, especially solo healthcare practitioners with limited support staff. Maintaining patient privacy and confidentiality is necessary to make sure covered entities meet compliance standards of HIPAA and state licensure laws.
Although e-mailing and texting are convenient for the health care practitioner and patient, these communication methods have security risks and inherent pitfalls. Implementing e-mail and text solutions in the health care setting is a complex issue and several factors must be addressed.
Erase the fear, uncertainty, and doubt about exactly how a healthcare practitioner may use modern texting and e-mailing, both within their healthcare organization or facility and to the outside world of patients. Find out how these communications may or may not be required to be retained by the health care practitioner.
Who Should Attend
(Attorney at Law, PLLC)
Mark holds Bachelor’s and Master’s degrees in Philosophy from Emory University and a Juris Doctorate from the University of Kentucky.
Retiring as an Assistant Attorney General, he now represents:
Mark is a frequent continuing education presenter including national organizations around the country. He helps his clients navigate the law and ethics and make the rules understandable as applied to them.
Mark has worked for all three branches of government.