“Patient Information Should Not Be Communicated Via Regular Emails”
It is not just a suggestion; it’s a rule to live by. No medical or dental office should ever use a traditional email account to communicate with patients or other providers about private patient information. Doing so could prove costly and detrimental to a practice that is found guilty of violating security rules surrounding patient privacy.
As a provider email is not a secure form of communication, and it would not be difficult for personal conversations regarding a diagnosis or treatment to be leaked or accessed by an unauthorized user.
When the Health Insurance Portability and Accountability Act (HIPAA) came into law, it required physicians and healthcare providers to protect the security and privacy of their patients’ digital records. Since that time, its guidelines have been clarified to address the electronic transfer of patient health information over an open network. While the law permits electronic health information transfers and does not specifically prevent the transfer of patient data via email, it is only permissible under stringent security protocols. Under the law, it is providers who have the sole responsibility of reviewing their own networks and ensuring they are compliant with HIPAA standards. It is also the responsibility of providers to explore adequate security options, such as data encryption, and take the steps necessary to protect patient information.
With the adoption of the HITECH Act in 2010, lawmakers reinforced the call for digital patient information security and raised the penalty by 600 percent! Whereas the former maximum penalty was $250,000, the new maximum skyrocketed to an astounding $1.5 million – enough to shut down a small practice. Furthermore, a 2013 amendment to the HITECH Act further enhanced privacy protections and individual rights concerning personal health information and access to digital records. Federal law now allows for state-administered audits of individual and group practices. All state-administered HIPAA compliance audits are supposed to be performed at random. If your practice is chosen, and you are found to have even one violation of HIPAA rules, you and your business associates could face civil and criminal penalties.
“Fines, as well as criminal penalties, can be imposed on the violating institution and
the individuals involved.”
Instead of finding yourself on the defensive side of an audit, it is far more beneficial to adequately prepare to lower your risk of fines. Invest in HIPAA-Compliant Email from a Trusted Provider. Clearly, the liability of handling sensitive information over regular email accounts and email services that are not HIPAA compliant is significant and capable of destroying a small business. It may seem that the conglomeration of laws and regulations surrounding patient privacy is in no way conducive to incorporating email into your practice. However, it can be done. It’s just a matter of fully understanding the rules or working with a trusted web services provider who does.
Do not be put off by the liability and rules surrounding patient privacy. If you are not already using email as a part of your practice, chances are you are considering it or you have at least been asked by patients to offer it as a service. Not only does email provide greater efficiency for you as a provider, but it can also provide convenient benefits for patients as well. Imagine how much smoother your practice could operate if email was a part of your practice.
We offer email service that is compliant with the laws that affect your practice, including HIPAA, the HITECH Act, and the more recent Omnibus Rule. This includes a comprehensive email platform that features strong security compliance, as well as patient authorization and consent. Using your own private domain name, we will create email accounts on behalf of your practice that are fully HIPAA compliant. The entire process requires very little of your time or attention. Instead, our highly skilled and experienced team will go to work creating a smart and easy-to-use email account interface that is as easy for you to navigate as other more familiar webmail services like Gmail, Hotmail, and Yahoo. For added convenience, we provide you with the option to link your new practice email to your smartphone, Outlook, or any other email program you currently use. That means you can begin utilizing your new email account right away with no learning curve and no additional technical knowledge required.
“HIPAA Rules Violation Fine Has Been Increased to $1.5 Million.”
We believe in treating our clients with the same respect and service we would desire for ourselves. That is why our services give you the advantage. Best of all, there are absolutely no contracts and no long-term obligations associated with our doctors webmail services. Don’t play with fire – the future of your practice is at stake. If you are thinking about integrating email into your practice or already utilize it but are unsure of its security compliance features, we invite you to contact our team. After working with doctors and dentists just like you for more than 13 years, we know what it takes to protect our clients and their patients. We know you are busy, but just one call to our office could lead to added value for your practice and a lower risk of liability. We make the setup process quick, easy and painless.
Give us a call today at 1-800-997-9368, or contact us online for more details. We look forward to serving you soon.