Patients prefer regular, or what are called unencrypted email and text messaging, for managing their Protected Health Information. The primary reason for this is that this method is an effective engagement and communication tool that patients have a right to use. Compliance with the rules set out by HIPAA and the TCPA (Telephone Consumer Protection Act) is necessary for safeguarding patient information and avoiding the hefty penalties that follow from noncompliance.
Not many are aware that all that is required for compliance is the implementation of a simple three-step HIPAA safeguard, which fully protects Covered Entities from violating both HIPAA and the TCPA (Telephone Consumer Protection Act), which, it goes without saying, is the most effective safeguard against potentially expensive TCPA class actions. However, the truth is that most HIPAA-governed entities fail to take advantage of the three-step safeguard, and instead, resort to the very misleading, generic information that they find on the Net, which can land them in a lot of trouble.
The new HIPAA Rules, which were first adopted in 2013, and the accompanying OCR guidance, have a thorough and clear-cut explanation of how Covered Entities and Business Associates should communicate with patients via unencrypted email and text messaging. This clarification is further strengthened by the new HIPAA Rules and a directive from the CMS Center for Clinical Standards and Quality/Survey & Certification Group, which also clearly state when Covered Entities and Business Associates must use encrypted email and text messages when they are communicating with persons like other Covered Entities who are not patients.
A webinar that is being organized on February 21 by MentorHealth, a leading provider of professional training for all the areas of healthcare, will explain how Covered Entities can protect themselves from HIPAA and TCPA violations by following the simple three-step safeguard to communicate with patients using unencrypted email and text messages.
Paul Hales, an expert on HIPAA Privacy, Security, Breach notification and Enforcement Rules, will be the expert at this webinar. Please visit Mentorhealth to take part in this learning experience.
—————————————————————————————————————
At this webinar, Paul will help the participants get an understanding of out how to use and document the three-step safeguard to protect their organization when communicating with patients by regular email and text message. He will explain how noncompliance with the “Safe Harbor” will lead to HIPAA and TCPA liability.
The expert will explain the new HIPAA Rules and the CMS directive to offer an understanding of when emails and text messages containing PHI must be encrypted.
—————————————————————————————————————
About the speaker: Paul R. Hales is an expert on HIPAA Privacy, Security, Breach notification and Enforcement Rules with a national HIPAA consulting practice based in St. Louis. He is the author of all content in The HIPAA E-Tool, an Internet-based, Software as a Service product for health care providers and Business Associates.