SlideShare a Scribd company logo

Texting and e mail with patients 2020

Download as PPTX, PDF
R
RobertAByrdr

Texting and E-mail with patients: Meeting Individual requests and complying with HIPAA. Visit www.skillacquireupdate.com

Health & Medicine
1 of 13
Texting and E-mail with Patients: Meeting Individual Requests and Complying with HIPAA Presenter Jim Sheldon-Dean Director of Compliance Services Lewis Creek Systems, LLC 1
Agenda • Discuss how to handle patient communications • Discuss how E-mail and Texting can work under HIPAA • Identify guidance from HHS for patient communications • Identify HIPAA policies that may need to be changed • Discuss rights for electronic copies of electronic records • Show the process that must be used in the event of breach • Learn about being prepared for enforcement and auditing • Learn how to approach compliance • Q&A session 2
Speaker Background • Disclaimer: I am an engineer and not a lawyer. This is not legal advice – I am only providing information and resources • BSCE (Civil Engineering) from UVM, MST (Transportation) from MIT • 38 years in consulting, information systems, software development, and security • Factory-trained SAAB Manual Transmission Specialist, 1973 • Process, problem-solving oriented • 8 years as Vermont EMT, crew chief • 20 years specializing in HIPAA and health information privacy and security regulatory compliance • See www.lewiscreeksystems.com for more details, resources, information privacy and security compliance news, etc. 3
HIPAA Privacy and Security Rules • Privacy Rule – 45 CFR §164.5xx; Enforceable since 2003 – Establishes Rights of Individuals – Controls on Uses and Disclosures – Access of PHI is a hot button issue for HHS • Security Rule – 45 CFR §164.3xx; Enforceable since 2005 – Applies to all electronic PHI – Flexible, customizable approach to health information security – Uses Risk Analysis to identify and plan the mitigation of security risks 4
HIPAA Breach Notification Rule • Breach Notification Rule – 45 CFR §164.4xx; Enforceable since February 2010 – Requires reporting of all PHI breaches to HHS and individuals – Extensive/expensive obligations – Provides examples of what not to do on the HHS “Wall of Shame”: https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf • Combined Rules as of March 2013 published by HHS OCR: http://www.hhs.gov/hipaa/for-professionals/privacy/laws- regulations/combined-regulation-text/index.html • 2013 Omnibus Update Rule, with Preamble, available at: http://www.gpo.gov/fdsys/pkg/FR-2013-01-25/pdf/2013-01073.pdf 5
So, what are we allowed to do? • Do what the patient wants – Meet HIPAA Requirements – Accommodate what you reasonably can • Meet the Patient’s Needs – Communication with the office for Prescription Renewals, Scheduling etc. – Discussion of particular health issues – Access of Medical Records, test results • Do what you can handle properly – For Patient Care – For Medical Records 6
What are the HIPAA considerations? • HIPAA Security Rule §164.312(e) requires consideration of encryption of communications as an Addressable Implementation Specification • HIPAA Privacy Rule §164.522 and §164.524 give patients rights of communication preferences and access of information • Proposed new rules on Data Blocking will reinforce HIPAA access rights • Making Patients happy • Making HHS happy 7
E-mail, Texting, and Security • E-mail and texting are inherently insecure – communications are not secured by default and may be retained or exposed by unknown parties • Secure e-mail solutions for general use are are readily available today but often cumbersome • An individual’s e-mail could be accessed by a third party if a weak or easy-to-guess password is used for the e-mail account • Secure communications are essentially required as good practice for professional communications • Consumer-grade Yahoo mail, g-mail, texting, etc., are all insecure means of communication and their use for professional purposes may be considered a breach 8
2016 Guidance: Questions and Answers • Numerous categories of Q&A, including: • Scope of Information Covered by Access Right • Timeliness of Providing Access • Form and Format and Manner of Access – Entity not liable for breach if individual requests insecure transmission – Entity can consider its security in accepting or denying various methods of providing access 9
Information Security Management Process • Definition of Information Security: – Protecting all three of Confidentiality, Integrity, and Availability • Definition of a Management Process: – Define and understand what you have – See how well it performs – Watch for problems – Review activities and issues – Make changes based on bang-for-buck • Information Security Management Process: – Information Inventory and Flow Analysis – Access and Configuration Control – Know who and what’s been going on in your networks and systems – Respond to and learn from Incidents – Audit and review regularly, and when operations or environment change – Make risk-based improvements 10
Where do we start? • Find out what people are doing already • Consider professional communications and patient communications separately • Document your processes for proper methods of communications with both patients and professionals • Secure all professional communications with any PHI • Offer secure patient communications • Develop and document the process for adopting and using insecure communications (plain e-mail or texting) if patients desire • Have a clear process for discussion of risks and indication of patient desires, with documentation 11
Your to-do list…  Don’t be in denial – willful neglect costs more than compliance  Accommodate individual rights  Review and update your policies and procedures per the rules  Establish your processes for Risk Analysis and Documentation  Document your communications policies and procedures  Update your Notice of Privacy Practices as necessary  Train staff in new policies and procedures  Document, document, document!  Conduct drills in audit and breach response  Make corrections based on results  Always have a plan for moving forward, and follow it! 12
Thank you! Any Questions? For additional information, please contact: support@skillacquireupdate.com visit our website: www.skillacquireupdate.com 13

Recommended

C. Gibbs MHA 690 week 1 discussion 2
C. Gibbs MHA 690 week 1 discussion 2C. Gibbs MHA 690 week 1 discussion 2
C. Gibbs MHA 690 week 1 discussion 2CGibbs3121
 
Update on Texting, E-mail, and HIPAA - Communicating with Patients under the ...
Update on Texting, E-mail, and HIPAA - Communicating with Patients under the ...Update on Texting, E-mail, and HIPAA - Communicating with Patients under the ...
Update on Texting, E-mail, and HIPAA - Communicating with Patients under the ...AudioEducator
 
Confidentiality training w1 d2
Confidentiality training w1 d2Confidentiality training w1 d2
Confidentiality training w1 d2corag25
 
Hipaa privacy rule
Hipaa privacy ruleHipaa privacy rule
Hipaa privacy rulecomplianceonline123
 
The HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your ProblemThe HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your ProblemSecurityMetrics
 
Tech Matrix 20080523
Tech Matrix 20080523Tech Matrix 20080523
Tech Matrix 20080523samsontamwaiho
 
Sensitive data
Sensitive dataSensitive data
Sensitive dataS.M. Towhidul Islam
 
Privacy by Design: legal perspective
Privacy by Design: legal perspectivePrivacy by Design: legal perspective
Privacy by Design: legal perspectiveDr. Mira Suleimenova, CIPPe
 

Recommended

C. Gibbs MHA 690 week 1 discussion 2
C. Gibbs MHA 690 week 1 discussion 2C. Gibbs MHA 690 week 1 discussion 2
C. Gibbs MHA 690 week 1 discussion 2CGibbs3121
 
Update on Texting, E-mail, and HIPAA - Communicating with Patients under the ...
Update on Texting, E-mail, and HIPAA - Communicating with Patients under the ...Update on Texting, E-mail, and HIPAA - Communicating with Patients under the ...
Update on Texting, E-mail, and HIPAA - Communicating with Patients under the ...AudioEducator
 
Confidentiality training w1 d2
Confidentiality training w1 d2Confidentiality training w1 d2
Confidentiality training w1 d2corag25
 
Hipaa privacy rule
Hipaa privacy ruleHipaa privacy rule
Hipaa privacy rulecomplianceonline123
 
The HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your ProblemThe HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your ProblemSecurityMetrics
 
Tech Matrix 20080523
Tech Matrix 20080523Tech Matrix 20080523
Tech Matrix 20080523samsontamwaiho
 
Sensitive data
Sensitive dataSensitive data
Sensitive dataS.M. Towhidul Islam
 
Privacy by Design: legal perspective
Privacy by Design: legal perspectivePrivacy by Design: legal perspective
Privacy by Design: legal perspectiveDr. Mira Suleimenova, CIPPe
 
HIPAA Compliance Training
HIPAA Compliance TrainingHIPAA Compliance Training
HIPAA Compliance TrainingLisa1289
 
GDPR – Data Portability
GDPR – Data PortabilityGDPR – Data Portability
GDPR – Data PortabilityBusola Awani
 
Complying with HIPAA Security Rule
Complying with HIPAA Security RuleComplying with HIPAA Security Rule
Complying with HIPAA Security Rulecomplianceonline123
 
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QAQA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QAQAFest
 
HIPAA Audit Implementation
HIPAA Audit ImplementationHIPAA Audit Implementation
HIPAA Audit ImplementationValency Networks
 
Managing Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebManaging Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebBoyd Neil
 
HIPAA Compliance Dangers for Digital Doctors
HIPAA Compliance Dangers for Digital DoctorsHIPAA Compliance Dangers for Digital Doctors
HIPAA Compliance Dangers for Digital Doctorsrobertpracticefusion
 
How to avoid being caught out by HIPAA compliance?
How to avoid being caught out by HIPAA compliance?How to avoid being caught out by HIPAA compliance?
How to avoid being caught out by HIPAA compliance?Lepide USA Inc
 
Hipaa slideshare ppt
Hipaa slideshare pptHipaa slideshare ppt
Hipaa slideshare pptKasey Durbin
 
BEMR
BEMRBEMR
BEMRAbhishek sharma
 
Training powerpoint mha
Training powerpoint mhaTraining powerpoint mha
Training powerpoint mhaThereseS
 
Phi masella
Phi masellaPhi masella
Phi masellaDenise Masella
 
PROTECTED HEALTH INFORMATION_PATIENT PRIVACY
PROTECTED HEALTH INFORMATION_PATIENT PRIVACYPROTECTED HEALTH INFORMATION_PATIENT PRIVACY
PROTECTED HEALTH INFORMATION_PATIENT PRIVACYDenise Masella
 
Hipaa basics
Hipaa basicsHipaa basics
Hipaa basicsmlireton
 
Hippa presentation2
Hippa presentation2Hippa presentation2
Hippa presentation2Katherine Smith , MHA
 
The real reason why physicians must comply with HIPAA. What the government do...
The real reason why physicians must comply with HIPAA. What the government do...The real reason why physicians must comply with HIPAA. What the government do...
The real reason why physicians must comply with HIPAA. What the government do...CureMD
 
Dotnet scalable and secure sharing of personal health records in cloud compu...
Dotnet scalable and secure sharing of personal health records in cloud compu...Dotnet scalable and secure sharing of personal health records in cloud compu...
Dotnet scalable and secure sharing of personal health records in cloud compu...Ecway Technologies
 
Patient confidentiality.ppt
Patient confidentiality.pptPatient confidentiality.ppt
Patient confidentiality.pptchwiso8418
 
Hipaa basics.pp2
Hipaa basics.pp2Hipaa basics.pp2
Hipaa basics.pp2martykoepke
 
Dotnet scalable and secure sharing of personal health records in cloud compu...
Dotnet scalable and secure sharing of personal health records in cloud compu...Dotnet scalable and secure sharing of personal health records in cloud compu...
Dotnet scalable and secure sharing of personal health records in cloud compu...Ecway Technologies
 
HIPAA, Texting, and E-mail — Using Appropriate Patient and Professional Commu...
HIPAA, Texting, and E-mail — Using Appropriate Patient and Professional Commu...HIPAA, Texting, and E-mail — Using Appropriate Patient and Professional Commu...
HIPAA, Texting, and E-mail — Using Appropriate Patient and Professional Commu...Conference Panel
 
Hipaa and social media using new
Hipaa and social media using newHipaa and social media using new
Hipaa and social media using newOnlineAudio Training
 

More Related Content

What's hot

HIPAA Compliance Training
HIPAA Compliance TrainingHIPAA Compliance Training
HIPAA Compliance TrainingLisa1289
 
GDPR – Data Portability
GDPR – Data PortabilityGDPR – Data Portability
GDPR – Data PortabilityBusola Awani
 
Complying with HIPAA Security Rule
Complying with HIPAA Security RuleComplying with HIPAA Security Rule
Complying with HIPAA Security Rulecomplianceonline123
 
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QAQA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QAQAFest
 
HIPAA Audit Implementation
HIPAA Audit ImplementationHIPAA Audit Implementation
HIPAA Audit ImplementationValency Networks
 
Managing Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebManaging Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebBoyd Neil
 
HIPAA Compliance Dangers for Digital Doctors
HIPAA Compliance Dangers for Digital DoctorsHIPAA Compliance Dangers for Digital Doctors
HIPAA Compliance Dangers for Digital Doctorsrobertpracticefusion
 
How to avoid being caught out by HIPAA compliance?
How to avoid being caught out by HIPAA compliance?How to avoid being caught out by HIPAA compliance?
How to avoid being caught out by HIPAA compliance?Lepide USA Inc
 
Hipaa slideshare ppt
Hipaa slideshare pptHipaa slideshare ppt
Hipaa slideshare pptKasey Durbin
 
Training powerpoint mha
Training powerpoint mhaTraining powerpoint mha
Training powerpoint mhaThereseS
 
PROTECTED HEALTH INFORMATION_PATIENT PRIVACY
PROTECTED HEALTH INFORMATION_PATIENT PRIVACYPROTECTED HEALTH INFORMATION_PATIENT PRIVACY
PROTECTED HEALTH INFORMATION_PATIENT PRIVACYDenise Masella
 
Hipaa basics
Hipaa basicsHipaa basics
Hipaa basicsmlireton
 
The real reason why physicians must comply with HIPAA. What the government do...
The real reason why physicians must comply with HIPAA. What the government do...The real reason why physicians must comply with HIPAA. What the government do...
The real reason why physicians must comply with HIPAA. What the government do...CureMD
 
Dotnet scalable and secure sharing of personal health records in cloud compu...
Dotnet scalable and secure sharing of personal health records in cloud compu...Dotnet scalable and secure sharing of personal health records in cloud compu...
Dotnet scalable and secure sharing of personal health records in cloud compu...Ecway Technologies
 
Patient confidentiality.ppt
Patient confidentiality.pptPatient confidentiality.ppt
Patient confidentiality.pptchwiso8418
 
Hipaa basics.pp2
Hipaa basics.pp2Hipaa basics.pp2
Hipaa basics.pp2martykoepke
 
Dotnet scalable and secure sharing of personal health records in cloud compu...
Dotnet scalable and secure sharing of personal health records in cloud compu...Dotnet scalable and secure sharing of personal health records in cloud compu...
Dotnet scalable and secure sharing of personal health records in cloud compu...Ecway Technologies
 

What's hot (20)

HIPAA Compliance Training
HIPAA Compliance TrainingHIPAA Compliance Training
HIPAA Compliance Training
 
GDPR – Data Portability
GDPR – Data PortabilityGDPR – Data Portability
GDPR – Data Portability
 
Complying with HIPAA Security Rule
Complying with HIPAA Security RuleComplying with HIPAA Security Rule
Complying with HIPAA Security Rule
 
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QAQA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
 
HIPAA Audit Implementation
HIPAA Audit ImplementationHIPAA Audit Implementation
HIPAA Audit Implementation
 
Managing Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebManaging Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social Web
 
HIPAA Compliance Dangers for Digital Doctors
HIPAA Compliance Dangers for Digital DoctorsHIPAA Compliance Dangers for Digital Doctors
HIPAA Compliance Dangers for Digital Doctors
 
How to avoid being caught out by HIPAA compliance?
How to avoid being caught out by HIPAA compliance?How to avoid being caught out by HIPAA compliance?
How to avoid being caught out by HIPAA compliance?
 
Hipaa slideshare ppt
Hipaa slideshare pptHipaa slideshare ppt
Hipaa slideshare ppt
 
BEMR
BEMRBEMR
BEMR
 
Training powerpoint mha
Training powerpoint mhaTraining powerpoint mha
Training powerpoint mha
 
Phi masella
Phi masellaPhi masella
Phi masella
 
PROTECTED HEALTH INFORMATION_PATIENT PRIVACY
PROTECTED HEALTH INFORMATION_PATIENT PRIVACYPROTECTED HEALTH INFORMATION_PATIENT PRIVACY
PROTECTED HEALTH INFORMATION_PATIENT PRIVACY
 
Hipaa basics
Hipaa basicsHipaa basics
Hipaa basics
 
Hippa presentation2
Hippa presentation2Hippa presentation2
Hippa presentation2
 
The real reason why physicians must comply with HIPAA. What the government do...
The real reason why physicians must comply with HIPAA. What the government do...The real reason why physicians must comply with HIPAA. What the government do...
The real reason why physicians must comply with HIPAA. What the government do...
 
Dotnet scalable and secure sharing of personal health records in cloud compu...
Dotnet scalable and secure sharing of personal health records in cloud compu...Dotnet scalable and secure sharing of personal health records in cloud compu...
Dotnet scalable and secure sharing of personal health records in cloud compu...
 
Patient confidentiality.ppt
Patient confidentiality.pptPatient confidentiality.ppt
Patient confidentiality.ppt
 
Hipaa basics.pp2
Hipaa basics.pp2Hipaa basics.pp2
Hipaa basics.pp2
 
Dotnet scalable and secure sharing of personal health records in cloud compu...
Dotnet scalable and secure sharing of personal health records in cloud compu...Dotnet scalable and secure sharing of personal health records in cloud compu...
Dotnet scalable and secure sharing of personal health records in cloud compu...
 

Similar to Texting and e mail with patients 2020

HIPAA, Texting, and E-mail — Using Appropriate Patient and Professional Commu...
HIPAA, Texting, and E-mail — Using Appropriate Patient and Professional Commu...HIPAA, Texting, and E-mail — Using Appropriate Patient and Professional Commu...
HIPAA, Texting, and E-mail — Using Appropriate Patient and Professional Commu...Conference Panel
 
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...M2SYS Technology
 
Comp8 unit6a lecture_slides
Comp8 unit6a lecture_slidesComp8 unit6a lecture_slides
Comp8 unit6a lecture_slidesCMDLMS
 
Security & Privacy - Lecture E
Security & Privacy - Lecture ESecurity & Privacy - Lecture E
Security & Privacy - Lecture ECMDLearning
 
HIPAA Compliant Cloud Computing, An Overview
HIPAA Compliant Cloud Computing, An OverviewHIPAA Compliant Cloud Computing, An Overview
HIPAA Compliant Cloud Computing, An OverviewClearDATACloud
 
HIPAA and Patient Access of Information - New Rules and Guidelines
HIPAA and Patient Access of Information - New Rules and GuidelinesHIPAA and Patient Access of Information - New Rules and Guidelines
HIPAA and Patient Access of Information - New Rules and GuidelinesConference Panel
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rssupportc2go
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rssupportc2go
 
MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...
MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...
MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...Michigan Primary Care Association
 
Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Asad Zaman
 
Geek Sync | Keep your Healthcare Databases Secure and Compliant
Geek Sync | Keep your Healthcare Databases Secure and CompliantGeek Sync | Keep your Healthcare Databases Secure and Compliant
Geek Sync | Keep your Healthcare Databases Secure and CompliantIDERA Software
 
Breaking Down the Latest HIPAA Modifications: What's New in 2024 and Beyond
Breaking Down the Latest HIPAA Modifications: What's New in 2024 and BeyondBreaking Down the Latest HIPAA Modifications: What's New in 2024 and Beyond
Breaking Down the Latest HIPAA Modifications: What's New in 2024 and BeyondConference Panel
 
IT6701 Information Management Unit - V
IT6701 Information Management Unit - VIT6701 Information Management Unit - V
IT6701 Information Management Unit - Vpkaviya
 
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Diana Maier
 
Hipaa overview 073118
Hipaa overview 073118Hipaa overview 073118
Hipaa overview 073118robint2125
 
HIPAA Compliance: What Medical Practices and Their Business Associates Need t...
HIPAA Compliance: What Medical Practices and Their Business Associates Need t...HIPAA Compliance: What Medical Practices and Their Business Associates Need t...
HIPAA Compliance: What Medical Practices and Their Business Associates Need t...Skoda Minotti
 
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT SecurityRedspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT SecurityRedspin, Inc.
 

Similar to Texting and e mail with patients 2020 (20)

HIPAA, Texting, and E-mail — Using Appropriate Patient and Professional Commu...
HIPAA, Texting, and E-mail — Using Appropriate Patient and Professional Commu...HIPAA, Texting, and E-mail — Using Appropriate Patient and Professional Commu...
HIPAA, Texting, and E-mail — Using Appropriate Patient and Professional Commu...
 
Hipaa and social media using new
Hipaa and social media using newHipaa and social media using new
Hipaa and social media using new
 
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
 
3 02
3 023 02
3 02
 
Comp8 unit6a lecture_slides
Comp8 unit6a lecture_slidesComp8 unit6a lecture_slides
Comp8 unit6a lecture_slides
 
Security & Privacy - Lecture E
Security & Privacy - Lecture ESecurity & Privacy - Lecture E
Security & Privacy - Lecture E
 
HIPAA Compliant Cloud Computing, An Overview
HIPAA Compliant Cloud Computing, An OverviewHIPAA Compliant Cloud Computing, An Overview
HIPAA Compliant Cloud Computing, An Overview
 
HIPAA and Patient Access of Information - New Rules and Guidelines
HIPAA and Patient Access of Information - New Rules and GuidelinesHIPAA and Patient Access of Information - New Rules and Guidelines
HIPAA and Patient Access of Information - New Rules and Guidelines
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rs
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rs
 
MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...
MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...
MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...
 
Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1
 
Geek Sync | Keep your Healthcare Databases Secure and Compliant
Geek Sync | Keep your Healthcare Databases Secure and CompliantGeek Sync | Keep your Healthcare Databases Secure and Compliant
Geek Sync | Keep your Healthcare Databases Secure and Compliant
 
Breaking Down the Latest HIPAA Modifications: What's New in 2024 and Beyond
Breaking Down the Latest HIPAA Modifications: What's New in 2024 and BeyondBreaking Down the Latest HIPAA Modifications: What's New in 2024 and Beyond
Breaking Down the Latest HIPAA Modifications: What's New in 2024 and Beyond
 
IT6701 Information Management Unit - V
IT6701 Information Management Unit - VIT6701 Information Management Unit - V
IT6701 Information Management Unit - V
 
HIPAA
HIPAAHIPAA
HIPAA
 
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
 
Hipaa overview 073118
Hipaa overview 073118Hipaa overview 073118
Hipaa overview 073118
 
HIPAA Compliance: What Medical Practices and Their Business Associates Need t...
HIPAA Compliance: What Medical Practices and Their Business Associates Need t...HIPAA Compliance: What Medical Practices and Their Business Associates Need t...
HIPAA Compliance: What Medical Practices and Their Business Associates Need t...
 
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT SecurityRedspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
Redspin & Phyllis and Associates Webinar- HIPAA,HITECH,Meaninful Use,IT Security
 

Recently uploaded

Russian Call Girls in Pune Riya 9907093804 Short 1500 Night 6000 Best call gi...
Russian Call Girls in Pune Riya 9907093804 Short 1500 Night 6000 Best call gi...Russian Call Girls in Pune Riya 9907093804 Short 1500 Night 6000 Best call gi...
Russian Call Girls in Pune Riya 9907093804 Short 1500 Night 6000 Best call gi...Miss joya
 
Aspirin presentation slides by Dr. Rewas Ali
Aspirin presentation slides by Dr. Rewas AliAspirin presentation slides by Dr. Rewas Ali
Aspirin presentation slides by Dr. Rewas AliRewAs ALI
 
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call NowSonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call NowRiya Pathan
 
Call Girls Service Jaipur Grishma WhatsApp ❤8445551418 VIP Call Girls Jaipur
Call Girls Service Jaipur Grishma WhatsApp ❤8445551418 VIP Call Girls JaipurCall Girls Service Jaipur Grishma WhatsApp ❤8445551418 VIP Call Girls Jaipur
Call Girls Service Jaipur Grishma WhatsApp ❤8445551418 VIP Call Girls Jaipurparulsinha
 
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.MiadAlsulami
 
Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...
Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...
Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...narwatsonia7
 
Housewife Call Girls Hoskote | 7001305949 At Low Cost Cash Payment Booking
Housewife Call Girls Hoskote | 7001305949 At Low Cost Cash Payment BookingHousewife Call Girls Hoskote | 7001305949 At Low Cost Cash Payment Booking
Housewife Call Girls Hoskote | 7001305949 At Low Cost Cash Payment Bookingnarwatsonia7
 
Hi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near Me
Hi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near MeHi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near Me
Hi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near Menarwatsonia7
 
Call Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
Call Girl Bangalore Nandini 7001305949 Independent Escort Service BangaloreCall Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
Call Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalorenarwatsonia7
 
Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...
Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...
Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...narwatsonia7
 
CALL ON ➥9907093804 🔝 Call Girls Baramati ( Pune) Girls Service
CALL ON ➥9907093804 🔝 Call Girls Baramati ( Pune) Girls ServiceCALL ON ➥9907093804 🔝 Call Girls Baramati ( Pune) Girls Service
CALL ON ➥9907093804 🔝 Call Girls Baramati ( Pune) Girls ServiceMiss joya
 
Russian Call Girls Chennai Madhuri 9907093804 Independent Call Girls Service ...
Russian Call Girls Chennai Madhuri 9907093804 Independent Call Girls Service ...Russian Call Girls Chennai Madhuri 9907093804 Independent Call Girls Service ...
Russian Call Girls Chennai Madhuri 9907093804 Independent Call Girls Service ...Nehru place Escorts
 
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...Garima Khatri
 
Call Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service AvailableCall Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service Availablenarwatsonia7
 
CALL ON ➥9907093804 🔝 Call Girls Hadapsar ( Pune) Girls Service
CALL ON ➥9907093804 🔝 Call Girls Hadapsar ( Pune) Girls ServiceCALL ON ➥9907093804 🔝 Call Girls Hadapsar ( Pune) Girls Service
CALL ON ➥9907093804 🔝 Call Girls Hadapsar ( Pune) Girls ServiceMiss joya
 
Call Girl Coimbatore Prisha☎️ 8250192130 Independent Escort Service Coimbatore
Call Girl Coimbatore Prisha☎️ 8250192130 Independent Escort Service CoimbatoreCall Girl Coimbatore Prisha☎️ 8250192130 Independent Escort Service Coimbatore
Call Girl Coimbatore Prisha☎️ 8250192130 Independent Escort Service Coimbatorenarwatsonia7
 
VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...
VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...
VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...Miss joya
 
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...Miss joya
 
Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...
Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...
Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...Nehru place Escorts
 

Recently uploaded (20)

Russian Call Girls in Pune Riya 9907093804 Short 1500 Night 6000 Best call gi...
Russian Call Girls in Pune Riya 9907093804 Short 1500 Night 6000 Best call gi...Russian Call Girls in Pune Riya 9907093804 Short 1500 Night 6000 Best call gi...
Russian Call Girls in Pune Riya 9907093804 Short 1500 Night 6000 Best call gi...
 
Aspirin presentation slides by Dr. Rewas Ali
Aspirin presentation slides by Dr. Rewas AliAspirin presentation slides by Dr. Rewas Ali
Aspirin presentation slides by Dr. Rewas Ali
 
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call NowSonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
 
Call Girls Service Jaipur Grishma WhatsApp ❤8445551418 VIP Call Girls Jaipur
Call Girls Service Jaipur Grishma WhatsApp ❤8445551418 VIP Call Girls JaipurCall Girls Service Jaipur Grishma WhatsApp ❤8445551418 VIP Call Girls Jaipur
Call Girls Service Jaipur Grishma WhatsApp ❤8445551418 VIP Call Girls Jaipur
 
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
 
Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...
Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...
Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...
 
Housewife Call Girls Hoskote | 7001305949 At Low Cost Cash Payment Booking
Housewife Call Girls Hoskote | 7001305949 At Low Cost Cash Payment BookingHousewife Call Girls Hoskote | 7001305949 At Low Cost Cash Payment Booking
Housewife Call Girls Hoskote | 7001305949 At Low Cost Cash Payment Booking
 
Hi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near Me
Hi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near MeHi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near Me
Hi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near Me
 
Call Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
Call Girl Bangalore Nandini 7001305949 Independent Escort Service BangaloreCall Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
Call Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
 
Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...
Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...
Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...
 
CALL ON ➥9907093804 🔝 Call Girls Baramati ( Pune) Girls Service
CALL ON ➥9907093804 🔝 Call Girls Baramati ( Pune) Girls ServiceCALL ON ➥9907093804 🔝 Call Girls Baramati ( Pune) Girls Service
CALL ON ➥9907093804 🔝 Call Girls Baramati ( Pune) Girls Service
 
Russian Call Girls Chennai Madhuri 9907093804 Independent Call Girls Service ...
Russian Call Girls Chennai Madhuri 9907093804 Independent Call Girls Service ...Russian Call Girls Chennai Madhuri 9907093804 Independent Call Girls Service ...
Russian Call Girls Chennai Madhuri 9907093804 Independent Call Girls Service ...
 
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
 
Call Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service AvailableCall Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service Available
 
CALL ON ➥9907093804 🔝 Call Girls Hadapsar ( Pune) Girls Service
CALL ON ➥9907093804 🔝 Call Girls Hadapsar ( Pune) Girls ServiceCALL ON ➥9907093804 🔝 Call Girls Hadapsar ( Pune) Girls Service
CALL ON ➥9907093804 🔝 Call Girls Hadapsar ( Pune) Girls Service
 
Russian Call Girls in Delhi Tanvi ➡️ 9711199012 💋📞 Independent Escort Service...
Russian Call Girls in Delhi Tanvi ➡️ 9711199012 💋📞 Independent Escort Service...Russian Call Girls in Delhi Tanvi ➡️ 9711199012 💋📞 Independent Escort Service...
Russian Call Girls in Delhi Tanvi ➡️ 9711199012 💋📞 Independent Escort Service...
 
Call Girl Coimbatore Prisha☎️ 8250192130 Independent Escort Service Coimbatore
Call Girl Coimbatore Prisha☎️ 8250192130 Independent Escort Service CoimbatoreCall Girl Coimbatore Prisha☎️ 8250192130 Independent Escort Service Coimbatore
Call Girl Coimbatore Prisha☎️ 8250192130 Independent Escort Service Coimbatore
 
VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...
VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...
VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...
 
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
 
Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...
Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...
Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...
 

Texting and e mail with patients 2020

  • 1. Texting and E-mail with Patients: Meeting Individual Requests and Complying with HIPAA Presenter Jim Sheldon-Dean Director of Compliance Services Lewis Creek Systems, LLC 1
  • 2. Agenda • Discuss how to handle patient communications • Discuss how E-mail and Texting can work under HIPAA • Identify guidance from HHS for patient communications • Identify HIPAA policies that may need to be changed • Discuss rights for electronic copies of electronic records • Show the process that must be used in the event of breach • Learn about being prepared for enforcement and auditing • Learn how to approach compliance • Q&A session 2
  • 3. Speaker Background • Disclaimer: I am an engineer and not a lawyer. This is not legal advice – I am only providing information and resources • BSCE (Civil Engineering) from UVM, MST (Transportation) from MIT • 38 years in consulting, information systems, software development, and security • Factory-trained SAAB Manual Transmission Specialist, 1973 • Process, problem-solving oriented • 8 years as Vermont EMT, crew chief • 20 years specializing in HIPAA and health information privacy and security regulatory compliance • See www.lewiscreeksystems.com for more details, resources, information privacy and security compliance news, etc. 3
  • 4. HIPAA Privacy and Security Rules • Privacy Rule – 45 CFR §164.5xx; Enforceable since 2003 – Establishes Rights of Individuals – Controls on Uses and Disclosures – Access of PHI is a hot button issue for HHS • Security Rule – 45 CFR §164.3xx; Enforceable since 2005 – Applies to all electronic PHI – Flexible, customizable approach to health information security – Uses Risk Analysis to identify and plan the mitigation of security risks 4
  • 5. HIPAA Breach Notification Rule • Breach Notification Rule – 45 CFR §164.4xx; Enforceable since February 2010 – Requires reporting of all PHI breaches to HHS and individuals – Extensive/expensive obligations – Provides examples of what not to do on the HHS “Wall of Shame”: https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf • Combined Rules as of March 2013 published by HHS OCR: http://www.hhs.gov/hipaa/for-professionals/privacy/laws- regulations/combined-regulation-text/index.html • 2013 Omnibus Update Rule, with Preamble, available at: http://www.gpo.gov/fdsys/pkg/FR-2013-01-25/pdf/2013-01073.pdf 5
  • 6. So, what are we allowed to do? • Do what the patient wants – Meet HIPAA Requirements – Accommodate what you reasonably can • Meet the Patient’s Needs – Communication with the office for Prescription Renewals, Scheduling etc. – Discussion of particular health issues – Access of Medical Records, test results • Do what you can handle properly – For Patient Care – For Medical Records 6
  • 7. What are the HIPAA considerations? • HIPAA Security Rule §164.312(e) requires consideration of encryption of communications as an Addressable Implementation Specification • HIPAA Privacy Rule §164.522 and §164.524 give patients rights of communication preferences and access of information • Proposed new rules on Data Blocking will reinforce HIPAA access rights • Making Patients happy • Making HHS happy 7
  • 8. E-mail, Texting, and Security • E-mail and texting are inherently insecure – communications are not secured by default and may be retained or exposed by unknown parties • Secure e-mail solutions for general use are are readily available today but often cumbersome • An individual’s e-mail could be accessed by a third party if a weak or easy-to-guess password is used for the e-mail account • Secure communications are essentially required as good practice for professional communications • Consumer-grade Yahoo mail, g-mail, texting, etc., are all insecure means of communication and their use for professional purposes may be considered a breach 8
  • 9. 2016 Guidance: Questions and Answers • Numerous categories of Q&A, including: • Scope of Information Covered by Access Right • Timeliness of Providing Access • Form and Format and Manner of Access – Entity not liable for breach if individual requests insecure transmission – Entity can consider its security in accepting or denying various methods of providing access 9
  • 10. Information Security Management Process • Definition of Information Security: – Protecting all three of Confidentiality, Integrity, and Availability • Definition of a Management Process: – Define and understand what you have – See how well it performs – Watch for problems – Review activities and issues – Make changes based on bang-for-buck • Information Security Management Process: – Information Inventory and Flow Analysis – Access and Configuration Control – Know who and what’s been going on in your networks and systems – Respond to and learn from Incidents – Audit and review regularly, and when operations or environment change – Make risk-based improvements 10
  • 11. Where do we start? • Find out what people are doing already • Consider professional communications and patient communications separately • Document your processes for proper methods of communications with both patients and professionals • Secure all professional communications with any PHI • Offer secure patient communications • Develop and document the process for adopting and using insecure communications (plain e-mail or texting) if patients desire • Have a clear process for discussion of risks and indication of patient desires, with documentation 11
  • 12. Your to-do list…  Don’t be in denial – willful neglect costs more than compliance  Accommodate individual rights  Review and update your policies and procedures per the rules  Establish your processes for Risk Analysis and Documentation  Document your communications policies and procedures  Update your Notice of Privacy Practices as necessary  Train staff in new policies and procedures  Document, document, document!  Conduct drills in audit and breach response  Make corrections based on results  Always have a plan for moving forward, and follow it! 12
  • 13. Thank you! Any Questions? For additional information, please contact: support@skillacquireupdate.com visit our website: www.skillacquireupdate.com 13