There is a simple 3 step HIPAA "safe harbor" that frees Covered Entities and Business Associates from any responsibility or liability for unauthorized access to Protected Health Information (PHI) in unencrypted emails and text messages during transmission and after receipt by the patient.
Why should you Attend:
Patient Engagement is a cornerstone of MACRA. Communication technology offers indispensable patient engagement tools. Secure patient portals are available. So are encrypted text message and email products. But patients overwhelmingly choose non-secure communication tools like text messaging and email.
Appointment reminders, healthcare instructions, patient satisfaction surveys, health and wellness newsletters and recall reminders are just a few patient engagement tools sent electronically by regular (unencrypted) email and text messaging. The HIPAA Rules for sending Protected Health Information (PHI) by unencrypted electronic transmission are clear - and new.
The first became effective with the HIPAA Omnibus Rule (September, 2013). Further, important guidance was published by the U. S. Department of Health and Human Services in 2014 and 2016. There are widespread violations of the HIPAA Rules for communicating with patients by unencrypted email and text message - largely because Providers and Business Associates just don't know the rules - and don't understand what PHI really is - as defined by HIPAA.
The HIPAA Rules and HHS/OCR guidance provide a simple, easy to use 3 Step Safe Harbor for using unencrypted email and text messaging to engage patients This session will explain the 3 Step HIPAA Safe Harbor. The secret is - HIPAA Rules are easy to follow, step-by-step - when you know the steps.
Areas Covered in the Session: This webinar for HIPAA Covered Entities and Business Associates will cover: