Artwork

Contenuto fornito da Sandra Weitz MD. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Sandra Weitz MD o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
Player FM - App Podcast
Vai offline con l'app Player FM !

HIPAA Compliant Email

11:53
 
Condividi
 

Manage episode 317236091 series 2949848
Contenuto fornito da Sandra Weitz MD. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Sandra Weitz MD o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.

We send and receive email every day so it would seem natural to send emails to your patients. But what if the emails contain protected health information? How do you make email HIPAA compliant?

How you will use email with protected health information

The first questions to ask are, “Is my email network is behind a firewall?” Are you only emailing protected health information between you and your staff within the confines of the firewall? If you answer yes to both questions, then you don’t need to encrypt your emails. But, you do need access controls for email accounts so that only those individuals who are authorized have access to protected health information.

On the other hand, if you intend to use email to send protected health information externally, you are responsible for protecting the protected health information—in other words, making it HIPAA compliant. Encryption is the key to making your email HIPAA-compliant but it’s not that simple. Many email service providers that offer an encrypted email service are not HIPAA compliant because they do not incorporate all the necessary safeguards to meet the requirements of the HIPAA Privacy and Security Rules.

Here are some of the things you will want to consider to make your email is HIPAA compliant

  • Ensure you have end-to-end encryption for email
  • Enter into a HIPAA-compliant business associate agreement with your email provider
  • The most important step—Develop policies on the use of email and train your staff
  • Emails containing PHI need to be retained for 6 years
  • Secure, encrypted email archiving saves storage space and is indexed making its easier to search
  • Obtain consent from patients before communicating with them by email

HIPAA email compliance should be included in your compliance plan. You don’t want something we all do every day—send and receive emails to get you into HIPAA trouble. If you are unsure of the requirements of HIPAA compliant speak with a healthcare attorney that specializes in HIPAA to advise you of your responsibilities and the requirements of HIPAA with respect to email.

Want to hear more tips on how to start, run and grow your practice and related medical businesses, please sign up for my newsletter at https://www.thepracticebuildingmd.com
Join my FB group, The Private Medical Practice Academy.
Enroll in How To Start Your Own Practice and get the step-by-step process for opening your practice.
Join The Private Medical Practice Academy Membership for live group coaching, expert guest speakers and everything you need to know to start, grow and leverage your private practice. The course, How To Start Your Own Practice is included in the membership, as a bonus.
Rate, Review, & Follow on Apple Podcasts"I love Sandy Weitz and The Private Medical Practice Academy Podcast." <-- If that sounds like you, please consider rating and reviewing my show! This helps me support more people -- just like you -- move toward the practice they want . Click here, scroll to the bottom, tap to rate with five stars, and select “Write a Review.” Then be sure to let me know what you loved most about the episode!

  continue reading

78 episodi

Artwork
iconCondividi
 
Manage episode 317236091 series 2949848
Contenuto fornito da Sandra Weitz MD. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Sandra Weitz MD o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.

We send and receive email every day so it would seem natural to send emails to your patients. But what if the emails contain protected health information? How do you make email HIPAA compliant?

How you will use email with protected health information

The first questions to ask are, “Is my email network is behind a firewall?” Are you only emailing protected health information between you and your staff within the confines of the firewall? If you answer yes to both questions, then you don’t need to encrypt your emails. But, you do need access controls for email accounts so that only those individuals who are authorized have access to protected health information.

On the other hand, if you intend to use email to send protected health information externally, you are responsible for protecting the protected health information—in other words, making it HIPAA compliant. Encryption is the key to making your email HIPAA-compliant but it’s not that simple. Many email service providers that offer an encrypted email service are not HIPAA compliant because they do not incorporate all the necessary safeguards to meet the requirements of the HIPAA Privacy and Security Rules.

Here are some of the things you will want to consider to make your email is HIPAA compliant

  • Ensure you have end-to-end encryption for email
  • Enter into a HIPAA-compliant business associate agreement with your email provider
  • The most important step—Develop policies on the use of email and train your staff
  • Emails containing PHI need to be retained for 6 years
  • Secure, encrypted email archiving saves storage space and is indexed making its easier to search
  • Obtain consent from patients before communicating with them by email

HIPAA email compliance should be included in your compliance plan. You don’t want something we all do every day—send and receive emails to get you into HIPAA trouble. If you are unsure of the requirements of HIPAA compliant speak with a healthcare attorney that specializes in HIPAA to advise you of your responsibilities and the requirements of HIPAA with respect to email.

Want to hear more tips on how to start, run and grow your practice and related medical businesses, please sign up for my newsletter at https://www.thepracticebuildingmd.com
Join my FB group, The Private Medical Practice Academy.
Enroll in How To Start Your Own Practice and get the step-by-step process for opening your practice.
Join The Private Medical Practice Academy Membership for live group coaching, expert guest speakers and everything you need to know to start, grow and leverage your private practice. The course, How To Start Your Own Practice is included in the membership, as a bonus.
Rate, Review, & Follow on Apple Podcasts"I love Sandy Weitz and The Private Medical Practice Academy Podcast." <-- If that sounds like you, please consider rating and reviewing my show! This helps me support more people -- just like you -- move toward the practice they want . Click here, scroll to the bottom, tap to rate with five stars, and select “Write a Review.” Then be sure to let me know what you loved most about the episode!

  continue reading

78 episodi

Tutti gli episodi

×
 
Loading …

Benvenuto su Player FM!

Player FM ricerca sul web podcast di alta qualità che tu possa goderti adesso. È la migliore app di podcast e funziona su Android, iPhone e web. Registrati per sincronizzare le iscrizioni su tutti i tuoi dispositivi.

 

Guida rapida