In this internet-savvy world where everything is shared clicks, it gets difficult to safeguard protected health information. You must be well-versed with the concept and the term ‘Protected Health Information. You must know that as per the latest HIPAA rules not anything or everything related to PHI can be shared on the internet.
Although emailing and texting proves a lot more convenient for health care practitioner as well as patients these communication methods have security risks and inherent pitfalls. Implementing e-mail and text solutions in the health care setting is a complex issue and several factors must be addressed.
Basics of HIPAA privacy as to electronic communication devices
Examples of state licensure laws governing protected health information and solving how to apply them to the health care practitioner
This informative webinar begins with the most basic of questions: Does the HIPAA Privacy Rule permit health care providers to use e-mail to discuss health issues and treatment with their patients?
Find out the answer and examine how the privacy rules of HIPAA allow covered entities and health care providers to communicate electronically, such as through e-mail or texting, with their patients and with other health care practitioners, but only provided those health care practitioners apply reasonable safeguards when doing so. This is mandated by federal administrative regulation.
This webinar is thus an advanced overview of the many rules, both by HIPAA at the federal level and in state licensure laws, that govern e-mailing and texting with patients and with other health care practitioners.
Who Should Attend
Health care attorneys
corporate compliance officers in health care
medical records staff of medical offices and health care entities
hospital attorneys
health care practitioners who are covered entities
law enforcement officers in health care compliance
state boards and agencies with jurisdiction over state licenses to practice a health care profession
Independent Call Girls Hyderabad 💋 9352988975 💋 Genuine WhatsApp Number for R...
Use of E-mailing, Texting, and Personal Devices by Health Care Professionals | Conference Panel
1. E-mailing, Texting, and the Use of Personal
Devices by Healthcare Professionals
HIPAA and Privacy Myths vs Reality
By
Mark R. Brengelman, Attorney at Law, PLLC
1
2. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
Background about Mark R. Brengelman:
• Holds Bachelor’s and Master’s Degrees in Philosophy from Emory University, Atlanta, Georgia;
• Earned a Juris Doctorate from the University of Kentucky College of Law, Lexington, Kentucky;
• Served out a successful twenty year career with state government in Kentucky, including….;
• Worked seventeen years as an Assistant Attorney General in the Kentucky Office of the Attorney General;
• Represented state licensure boards which licensed and regulated health care practitioners and other professionals – general counsel
and prosecutor;
• Presented continuing education for more than fifty different state and national organizations and private companies – webinars and in-
person continuing education in Kentucky and across the nation;
• Served as the Chair of the Kentucky Bar Association’s Health Law Section 2017-2019; 2
3. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
Introduction - based upon the content of this program, you will be able effectively to identify:
• The basics of HIPAA privacy;
• The basics of HIPAA and the use of electronic communications;
• Examples of state licensure laws governing protected health information;
• Elements of privacy notices and communications practices with patients;
• Texting, e-mailing, and personal devices;
• Bonus: website confidentiality and privacy disclaimers for the health care practitioner. 3
4. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
The basics of HIPAA privacy.
The basics of HIPAA requirements for patient records – federal right of privacy.
Confidentiality also involves:
• State law privacy rights;
• Medical confidentiality as found in state licensure laws, especially in mental health, less in physical medicine
(such as physical therapy);
• Medical confidentiality found in national and state codes of ethics (most usually non-binding! Ex: Elvis Presley
impersonators code of ethics);
• Employment policies and human resources manuals of employers, and;
• State rules of evidence for privileged communications. 4
5. E-mailing texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
The basics of HIPAA requirements for protected health information:
• HIPAA was effective in April 2003 – applied to health care providers who submit payment requests via
electronic means;
• “Protected Health Information” (PHI) for “covered entities” – also covers independent contractors who are
“business associates” – does include law firms who hold medical records as PHI, and;
• General definition: PHI is any information held by a covered entity that concerns health status, provision
of health care, or payment for health care that can be linked to an individual - interpreted rather broadly as
to include any part of an individual’s medical record or payment history.
5
6. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
Overview of HIPAA confidentiality with patient consent:
• Implied consent – insurance filings, billings, and others;
• Express consent – any reason, or no reason, the patient wants it – consent can be delegated such
providing records to the attorney of the patient;
• Exceptions to confidentiality – usually found in mental health, such as a minor in mental health treatment
whose parents are involved in a contested child custody case, and;
• Law enforcement exceptions - a term broadly applied to the government.
Questions? Can you waive your HIPAA privacy rights with a covered entity? With a specific disclosure for
electronic communications by the covered entity? But only to that information conveyed via electronic
communications by a covered entity? Good questions! 6
7. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
The basics of HIPAA and the use of electronic communications.
Overview of HIPAA as applied to electronic communication issues:
• Health care professionals and their patients communicate among themselves and with each other;
• Unique to health care as opposed to the general public, confidentiality of electronic communications is an
issue for all health care practitioners;
• Exception: there is private information and there is confidential information, i.e., “protected health
information”;
• E-mail for any business can be hacked – creates more of a problem for covered entities;
• State licensure boards take an interest in patient confidentiality – especially in mental health.
7
8. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
Overview of HIPAA as applied to electronic communication issues:
What about telepractice affects what should be included in the medical record? This is more than HIPAA.
Example:
• 201 KAR 26:310 § 2(5) and (6)(first effective March 4, 2011, and since amended in 2021):
(5) Use secure communications with clients, including encrypted text messages via e-mail or secure
Web sites, and not use personal identifying information in non-secure communications;
(6) Inform the client in writing about:
(a) The limitations of using technology in the provision of telepsychology;
(b) Potential risks to confidentiality of information due to technology in the provision of
telepsychology;
8
9. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
Overview of HIPAA as applied to electronic communications – common sense suggestions for the employer:
• Do have an interdisciplinary team review your employment policies relating to confidentiality and
electronic communications, including social media and related topics;
• This should include an employment policy governing the employee’s use of electronic communications
mentioning the employer or patients that goes through an employer’s wi-fi or computer system, as well as
electronic communications between the health care provider and the patient;
• Do include representatives from Corporate Compliance, Legal, IT, Human Resources, Risk Management,
Finance, and similar departments on the interdisciplinary team;
• Consider basic security and privacy risk prevention. For example: issuing a smartphone or other
personal device to the health care practitioner to minimize privacy risks – devices that have to be kept
secure, are maintained by your IT department, can be remotely accessed and wiped clean if needed
because they are lost;
9
10. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
Overview of HIPAA violations, with an emphasis on state licensure boards and agencies:
• State licensure boards and agencies – how state laws may apply to violations of confidentiality of
Protected Health Information – state laws as applied to licensed health care professionals;
• Privacy interests in your root canal? Note medical histories of patients have the most private information
(sexual history, medications, etc.) – current medical records of current procedures may also be very
confidential (current medications, etc.);
• Generic laws where HIPAA is never mentioned – how generic laws for state licensure agencies may
implicate HIPAA;
• HIPAA sanctions for violations;
10
11. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
Overview of HIPAA and electronic communications – website and privacy suggestions:
For a website’s “contact me” webpage:
“If you have a general inquiry, please use the form below. I will generally return messages within X business
days.”
“Please note: The information you obtain at this site is not, nor is it intended to be, professional advice. You
should consult a mental health practitioner of your own choosing for advice regarding your individual
situation. Contacting me does not create a professional, or “doctor-patient,” relationship. Please do not send
any confidential information to me until such time as a professional relationship has been established. Thank
you!”
11
12. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
Overview of HIPAA and electronic communications – some takeaways:
• Review the ways your staff may be using cell phones that introduces risk to patients and to the
organization – use of personal cell phones for business use and data sharing, and use of employer
internet for personal use and data sharing;
• Consider the best option for a cell phone service provider moving forward – work with a provider
experienced in government or health care organizations, and under contract;
• Explore ways to train staff members who will be using cell phones at work – start with clear employment
policies and device-specific agreements (i.e., business laptop, cell phone);
• Decide which uses of cell phones should be permitted by employees of different types of organizations –
employment policy not to use personal cell phone on employer internet service and allowing business use
of cell phone on employee’s own internet service away from work and apply to all workers;
12
13. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
Overview of HIPAA and electronic communications – some takeaways, con’t.:
• State licensure laws, professional codes of ethics, and the concept of confidentiality should be firmly
ingrained in health care professionals’ psyches and work habits by now;
• Direct communication with patients by the health care practitioner or their employees is relatively new;
• When misused, electronic communications also carry legal risks that could negatively affect the
organization and result in personal consequences for the individuals involved – misuse is just another
example of a HIPAA violation, and;
• Most common consequence seems to be losing one’s job.
13
14. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
What have we covered today?
• The basics of HIPAA privacy;
• The basics of HIPAA and the use of electronic communications;
• Examples of state licensure laws governing protected health information;
• Elements of privacy notices and communications practices with patients;
• Texting, e-mailing, and personal devices;
• Bonus: website confidentiality and privacy disclaimers for the health care practitioner. 14
15. E-mailing, texting, and the use of personal devices by health care professionals
– HIPAA and privacy myths vs reality
Conclusions – top takeaways:
• HIPAA is not new - day-to-day basics of HIPAA should be routine;
• Confidentiality is not new – especially in mental health practice;
• State licensure laws of health care professionals are not new – these contain the most basic of mandates
that can now be violated in new ways via electronic communications;
• E-mail and texting are permitted with precautions – only encrypted messages and methods demonstrate
absolute compliance with privacy, and;
• Warn patients about e-mail risks and get their informed consent, then limit the protected health information
that is shared electronically by regular methods of e-mail and texting. 15
16. Thanks for Reading
16
To Learn More, Register here…
https://conferencepanel.com/conference/e-mailing-texting-and-the-use-of-personal-
devices-by-health-care-professionals
For more information
Visit :- https://conferencepanel.com
Email :- cs@conerencepanel.com
Call :- +1-800-803-7592