Professional communications involving Protected Health Information must be conducted securely, according to guidance from HHS and any reasonable Risk Analysis required by the Security Rule, so any office communications must be carefully controlled to avoid breaches of PHI. As HIPAA requirements for allowing patients electronic access to their health information are now in effect, and as patients increasingly come to depend on electronic communications, there are new demands for communication via e-mail and texting, using personal devices.
This session will discuss the rights of individuals under HIPAA to communicate in the manner they desire, and how to decide what is an acceptable process for communications with individuals. The session will explain how to discuss communications options with individuals so that you can best meet their needs and desires, while preserving their rights under the rules. The new 2016 guidance on individual access of information will be discussed in detail.
This session will also describe the information security compliance process, how it works, and how it can help you decide how to integrate e-mail, texting, and personal devices into your organization in a compliant way. There has long been a HIPAA requirement for covered entities to do their best to meet the requests of their patients for particular modes of communication, and using e-mail or texting is no exception.