Overview: Email and text message are subject to the HIPAA Security Rule transmission standard. Changes in the Omnibus Rule in 2013 further clarified the importance of proper usage of email and text message, examples of electronic transmission media. Oftentimes used as a method to transmit PHI, electronic transmission media is an area that covered entities need to develop and implement policies and procedures to ensure HIPAA compliance.HHS states:Covered entities have "Duty to Warn" individuals of the risk of unencrypted transmission and that warning is a necessary step in protecting their PHIUnencrypted email and text messages may be sent only if the individual consents to receive them after being warnedDocumentation of consent is required. Through real world examples, Paul will delve into the ways to engage patients through email and text messages, teach you how to safeguard PHI throughout electronic transmission media, and set you on the path to HIPAA complianceWhy should you attend: Email and text message continue to grow with popularity amongst patients and amongst covered entities. And email and text message continue to be examples of a Breach! These methods of electronic communication are used as a way to discuss treatment, to market, and to engage the patient. And yet these methods of communication can be extremely unsafe. Interceptions, hackers, misdialed numbers can all result in stolen protected health information (PHI) and in HIPAA violations. All resulting in the loss of a patient's privacy, maybe even identity theft, and in loss of funds for the covered entity. Today health records are more valuable than credit card numbers or social security numbers on the black market. As a health care provider or covered entity, it is your responsibility to safeguard PHI. It was once understood that email and text message were deemed appropriate if the email or text message were received from the patient. Since the Omnibus Rule, this has changed. Covered entities are responsible under HIPAA requirements for all PHIS in every email and text message. The email or text message address alone is PHI as defined by HIPAA - regardless of the content. HIPAA requires that every covered entity has a "duty to warn" and has the responsibility of acquiring consent and keeping proper documentation. And yet this is not being done in a compliant way. There is a HIPAA "safe harbor" or "get out of jail free" card that frees you from:Responsibility for unauthorized access of a patient's PHI during transmission andResponsibility for safeguarding PHI delivered to the patientDon't be the Provider or Business Associate that finds itself in serious trouble simply because you didn't follow the HIPAA Rules for unencrypted electronic communication with patients!
17 Feb 2016 @ 10:00 am
17 Feb 2016 @ 11:30 am
Duration: 1 hours, 30 minutes
Timezone: GMT -5:00
Organised by NetZealous (deactivated)