atanu1982/Texting-and-E-mail-with-Patients-Patient-Requests-and-Complying-with-HIPAA
In the past few years, opportunities to communicate electronically have increased significantly and electronic communication (e-communication) is no longer limited to e-mail on the desktop. The advent of web enabled (or smart) phones and pad computers makes it possible to access information and send and receive messages anywhere there is a cell signal or wireless network. Mobile communication technologies have spread with remarkable speed. By the end of 2011, more than 5.6 billion people worldwide were using cell phones and smart phone purchases had outpaced computers. Physicians are embracing the technology. HIPAA 2018 Changes In this HIPAA session we will be discussing HIPAA 2018 Changes taking place in Washington with the Health and Human Services when it comes to the enforcement of the HIPAA regulations already on the books as well as some step-by-step discussions on the audit method and some current functions regarding HIPAA cases (both in courtrooms and from live audits). Attend this Session What not to Use Do not use the patient's name, initials, or medical record number in the subject line of an email. Also, do not use direct patient identifiers in the message content. This includes: Names Phone numbers Fax numbers Electronic mail addresses Social Security numbers Medical record numbers Health plan beneficiary numbers Account numbers and other personal details HIPAA - Texting & Emailing in 2018 With the introduction of smartphones, emails have become the even more accessible form of communication. In conjunction with email comes the issue of security and them being intercepted and read by unintended persons. Precautions and steps are to be taken at every step of the way. So for a Healthcare concern or a business associate, it's a key to maximize patient communication tools while protecting itself and the organization from government penalties and patient lawsuits. Attend this Session Limit the amount of personal health record information you include in electronic communication. Don't include any highly sensitive information, such as: Mental Illness or Developmental Disability HIV/AIDS Testing or Treatment Communicable Diseases Venereal Disease(s) Substance (i.e., alcohol or drug) Abuse Abuse of an Adult with a Disability Sexual Assault and other sensitive details HIPAA Privacy Officer: Module 1 HIPAA Privacy Officer Training will uncover all HIPAA and HITECH expectations in protecting patient and member's right to privacy and the confidentiality of Protected Health Information (PHI) as you engage in treatment, payment, and healthcare operations (TPO) services. Attend this Session What you need to know before you hit "send" The HIPAA Privacy Rule permits healthcare providers to use e-mail to discuss health issues and treatment with their patients, provided they apply reasonable safeguards when doing so. These precautions are intended to prevent unintentional disclosures of ePHI and may include: Double and triple-checking the e-mail address to ensure accuracy before sending Sending an e-mail to the patient to confirm the address prior to sending any e-mail with ePHI Limiting the type or amount of information disclosed through e-mail, including ePHI Encrypting the e-mail prior to sending Alerting the patient to the relative risks of using unencrypted e-mail to communicate sensitive information, such as the potential for interception by a third party; having the e-mail read by a person with whom the patient has shared their e-mail login and password; accessing private e-mail on a public computer, such as in a library or on a shared computer at work HIPAA Privacy Officer Module: 2 HIPAA Privacy Officer Training will cover all ongoing activities of a Privacy Program related to the development, implementation, maintenance of, and adherence to the organization's policies and procedures covering the privacy of, and access to, patient health information in compliance with federal and state laws and the healthcare organization's information privacy practices. Attend this Session Privacy and Security Require passwords and current antivirus (malware) protection for all devices (pads, laptops, desktops, smart phones) including providers' personal devices. Most smart phone and pad computer users do not use a password, defer to the pre-programmed password or use a simplistic password that is easy to guess. Develop and enforce password requirements. The portability of smart phones and pad computers makes them highly vulnerable to theft, loss and electronic snooping. Inventory all portable devices used by providers to communicate protected health information. Ensure the ability to lock or remote wipe the devices if lost or stolen. Most of the suggestions on e-mailing with patients also apply to text messaging (SMS), where applicable. It should be noted that, while a text message cannot be encrypted, there are third party vendors that offer so-called "HIPAA-compliant" text messaging services, which address the Person or Entity Authentication and the Transmission Security standards of the Security Rule. It is important for practices, providers and patients to understand the risks and benefits of communicating health care information electronically and to mitigate and manage the risks appropriately.....https://www.complyarena.com/articledetails/42