Add to collection(s) Add to saved
  1. Arts & Humanities
  2. Communications
  3. Marketing

Legal Aspects of Electronic Communication

advertisement

Legal Aspects of

Electronic

Communication

Stephen P. Williams, JD

Haynsworth Sinkler Boyd, PA

Greenville, S.C

swilliams@hsblawfirm.com

864-240-3320 www.hsblawfirm.com

HIPAA

Federal law that covers the “personal health information”, also known as “protected health information” or “PHI” that is stored, communicated or maintained in an electronic format by a “covered entity”

PHI generally refers to demographic information, medical history, test and laboratory results, insurance information and other data that is collected by a health care professional to identify an individual and determine appropriate care

Covers virtually all information held by physicians, hospitals, and all other healthcare providers

HIPAA

Specifically required the written permission of a patient to release the information and the covered entity can only release the minimum amount of information required to respond to a specific request covering a specific time period as requested in writing by the patient.

HIPAA

Exceptions to the written consent to release requirement:

A covered entity may release information necessary for:

 treatment of the patient payment to the covered entity operation of the covered entity

HIPAA

HIPAA also provides for minimum security standards for the electronic equipment utilized by the covered entity for storage, retrieval, and transfer of the actual electronic protected health information

HIPAA

Business Associates

HIPAA requires written agreements between covered entities and vendors, consultants, accountants, attorneys, etc. who utilize the protected health information to provide a service to the covered entity

Specific Hazards

E-mail

Secure servers with HIPAA 128 bit encryption

Yahoo, Hot Mail, G-Mail, MSN, etc.

Authentication

Completeness of the conversation

Where is the physical location of the recipient?

Home? Office? Spouse’s Office?

Instant Messaging

Specific Hazards

Text Messages

Encryption

Authentication

Completeness

Messages are on the phone forever?

Specific Hazards

Telephonic Communication

Identity of the other end of the conversation

Phone messages

Specific Hazards

Social Media

Facebook messaging

Authorizations for Electronic

Communication

Authorizations should include:

Identifying info:

DOB

SS# (last 4 digits)

Insurance Policy number

Photo ID

Info to be released

Street address

Telephone #, e-mail address to be used

Signature of patient or legally authorized representative

Witnesses

Special Considerations

Encryption for all e-mail, phones, text services

Delegation of communication responsibilities to specific individuals

Description of Privacy Practices

Duties to disclose unauthorized transfer

Marketing prohibitions

Be aware of “forwarding” issues

Special Considerations

Leaving messages to return calls or e-mail

Remind patients of their duty to help

Don’t use employer’s email or phones

Educate patients about risks of e-communication

Make sure your malpractice coverage covers ecommunication

Ask specific questions of your vendors

Special Considerations

Print all messages and place in patient’s chart!

Don’t speak about third parties in e-mails or text messages

Under current federal rules, e-mail messages are almost never deleted!

Learn how bcc works

Never use e-mail for STD status, mental health status, marital issues, child custody issues

Related documents
Understanding HIPAA Compliance
Understanding HIPAA Compliance
CATS
CATS
HIPAA Steering Committee - East Carolina University
HIPAA Steering Committee - East Carolina University
Communication, Teamwork, and Compliance
Communication, Teamwork, and Compliance
“You have the Right”
“You have the Right”
HIPAA & State Confidentiality Provisions for PHI (40k doc)
HIPAA & State Confidentiality Provisions for PHI (40k doc)
How to Perform a Large Scale HIPAA Security Gap Analysis and as
How to Perform a Large Scale HIPAA Security Gap Analysis and as
Principles and Practice of Information Security
Principles and Practice of Information Security
Document
Document
loveIII
loveIII
Internal and External Monitors of IT Controls
Internal and External Monitors of IT Controls
Increased Enforcement and Penalties (cont'd).
Increased Enforcement and Penalties (cont'd).
Truman Hybrid Entity Policy
Truman Hybrid Entity Policy
hipaa - Netrix IT
hipaa - Netrix IT
Data Use Agreement
Data Use Agreement
Regulatory and Ethical Issues of Using EHR Data For Research
Regulatory and Ethical Issues of Using EHR Data For Research
HIPAA's Applicability Across SUNY
HIPAA's Applicability Across SUNY
Policy
Policy
HIPAA and Telehealth - Telehealth Resource Center
HIPAA and Telehealth - Telehealth Resource Center
Privacy in the Real World Stephen A. Serfass
Privacy in the Real World Stephen A. Serfass
HIPAA: Overview on Compliance at The University of Texas System
HIPAA: Overview on Compliance at The University of Texas System
Chuck Novack
Chuck Novack
Download
advertisement