This week I want to share with you how we have saved around $60-$70,000 in potential HIPAA fines— just based on having a good, quality, working knowledge of how website Terms and Conditions work and what content to put in a website Terms and Conditions.
I have always said that forms, documents, and templates are just tools, but they are important tools that are necessary for success. It's also crucial to understand that you have to know how to use these tools correctly, much like a stethoscope.
Case in point--this week, I received an email that, at first, looked like spam. It had come through my webpage and at first sight seemed alarming. This email would have been convincing, had I not understood my terms and conditions on my own website. Here is what the email stated:
Hello, Your website or a website that your organization hosts is violating the copyright-protected images owned by our company (intuit Inc.). Take a look at this doc with the hyperlinks to our images you utilized at www.functionallawyer .com and our earlier publications to find the evidence of our copyrights. Download it right now and check this out for yourself: [https://] storage.googleapis [.com] /m4b38h10cm38.appspot.com/d/file/0/public/a/2dfk39fdjf9vh3kfd9.html?l=491
I do think that you intentionally infringed our legal rights under 17 U.S.C. Sec. 101 et seq. and can be liable for statutory damages as high as $140,000 as set-forth in Sec. 504 (c)(2) of the Digital millennium copyright act (”DMCA”) therein.
This message is official notification. I demand the removal of the infringing materials referenced above. Take note as a service provider, the DMCA requires you to remove and/or disable access to the infringing content upon receipt of this notice. In case you do not cease the utilization of the previously mentioned copyrighted materials a legal action can be started against you. I have a strong belief that utilization of the copyrighted materials described above as allegedly infringing is not approved by the copyright owner, its legal agent, as well as law.
I swear, under penalty of perjury, that the information in this letter is accurate and hereby affirm that I am certified to act on behalf of the owner of an exclusive right that is presumably infringed. Best regards, Todd Wing Legal Officer intuit, Inc. intuit [.com] 10/13/2021
(Editor’s note: where you see brackets with italics inside [like this], links were disabled and broken up to reduce possibility of spreading spam links.)
Thankfully, I knew to delete this right away because I know what is and know that we are protected under our own Terms and Conditions on our website. I also know what the Digital Millennium Copyright Act (not even capitalized in their email, by the way) requires of people who are making requests for takedown notices. There are a lot of technical steps that people have to follow, which I have outlined in my Terms and Conditions on my site.
I knew that I could ignore this since I could tell it was spam. The first time I saw a notice like this,I at least knew to check into it by emailing the person back separately without clicking on any other links simply stating, “Hi. Thanks for your DMCA notice. Please check our Terms and Conditions for the proper steps to follow. Please also send me screen shares and not naked links of your evidence. I am happy to hear from you." Often when you try to do this, the email address will come back as undeliverable.
Don’t ever respond to emails like this directly. If they leave an email address, you can reply, but make sure you write a new, fresh email reporting your acknowledgment of what they sent you and explaining your concerns.
At this point, you no longer need to respond. You also should know that anyone who reports to be a legal officer will know to go look at your Terms and Conditions for who to contact via email and how and what needs to be in that take down request. Usually, it requires a signature, whether physical or digital, and identification of the copyrighted work, along with information reasonably sufficient for me to contact the complaining party, and several other details.
This is just one small reason why you need a website Terms and Conditions. They certainly limit your liability. However, they can only help you if you know what is in them, if you have a proper one on your website, and if you know where to check in terms of others websites.
People ask me where to feature their website Terms and Conditions. You are going to want to place them in the footer of your website. This would be the global footer that is displayed on every page of your website. You would include a link to the text that is featured on a static, standalone page, which gives the full details of your Terms and Conditions. It will usually look like yourcompany.com/termsandconditions .
Purchasing these materials one time, or getting them from a reputable attorney near you, can save you thousands of dollars down the road. Do not steal these types of materials from others. You do not know where another medical professional or business owner obtained their Terms and Conditions. It is important that yours are quality, thorough, documents and that they are specific to you and your site.
I know that it is cliché, but you might use these kind of statements with your patients all the time: "A stitch in time saves nine" or “An ounce of prevention is worth a pound of cure." These old adages the carry the same weight in medical and legal professions. Do right from the start and save yourself a ton of money and strife. You do not want spyware. You do not want malware on your computer. And you definitely don’t want your decisions to lead you to HIPAA breaches. These types of fines can add up very quickly and can cause major headaches.
If you don’t know what Terms and Conditions are, you need to know. We have plenty of educational videos available to you on our YouTube Channel.
If you need someone to guide you through all of this legal maze, you can contact me anytime as well.
If you don't have these documents featured on your website, you could be facing potential issues.
Sleep well at night, and make sure you are covered and protected.
The purpose of this call is to collect a "Patient History" and assessment in order to provide a 360-degree snapshot of the current legal health of your business.