Blog Overview

The Health Insurance Portability and Accountability Act (HIPAA) can be complicated.  What are you doing for HIPAA? How confident are you in your HIPAA plans?  More is needed than just a Notice of Privacy Practices and some HIPAA compliant software.  This is not an overwhelming task, but it does require you to follow a checklist and to be conscientious in complying with the HIPAA regulations.  By appointing a privacy and security officer, one person can oversee the HIPAA minimum requirements: create a HIPAA Policies & Procedures Manual, document HIPAA compliance, train employees to enforce HIPAA regulations & maintain a culture of privacy, and conduct an annual Security Risk Assessment. All of these will take some time to put in place, but once they are in place, they are easily enforced, and compliance is minimal. 

Introduction

You're probably not doing enough for HIPAA right now at this moment in time. Several times a week, I have...

Today we're talking about two real life examples (and there's probably a million more) of how you can save thousands of dollars, relieve giant headaches, avoid viruses and computer hacks into your system, and tackle other problems by simply having the proper document in place. I am going to tell you what this document is, what needs to be in it, and how to use it.

The Dangers of Spam

We are going to be looking at copyright laws, specifically copyright laws on the internet. In my business and in my wife's practice, we routinely get a message through our contact page, or someone might email us out of the blue, saying that they have noticed we have a copyright infringement. Here is an example from a recent email I received,

"Hi, this is Melinda, and I'm a certified illustrator.

I was surprised, frankly speaking, when I came across my images at your web-site (sic). If you use a copyrighted image without my permission, you need to be aware that you could be sued by the copyright...

Today I am giving you a quick HIPAA update and tackling one of the most frequently asked questions that I get daily from my members. I've counseled most of them on this, and now it's time to share the information with you. 

The recent, current question that practitioners are always asking me is, "Can I email my patients?" In other words, does HIPAA allow you to email your patients? The answer from HHS is a qualified yes, but I would say it's a qualified no from me. Let's take a look at these differences.

Read the Fine Print

The United States Department of Health and Human Services (HHS) has an article first published in 2008 (last refreshed in 2013) that says the Privacy Rule does allow you to email patients, even for health issues and treatment plans, which would traditionally be PHI (Protected Health Information). Also, according to HHS, unencrypted email is not prohibited and is allowed. However, the same article also references the reasonable safeguards you...