Emails and HIPAA Security Concerns

Part of your HIPAA security plan should govern the use of emails and what information can and cannot be transmitted via emails, faxes, and the Internet. This can be addressed with an Internet Usage Policy, that should be part of your physician office's HIPAA Security Compliance Plan.

The bottom line is that confidential information "can" be included in an email if it is encrypted or password protected. For example, you could email patients lab results, but those lab results should be in a password-protected attachment, or be in the form of a link to a website that the patient needs a password to access. The password could be as simple as the first five digits of the patient's social security number or their Mother's maiden name.

Be sure to speak to our computer network consultant or IP staff person about solutions you can put in place to prevent health information or financial information from plainly appearing within an email.

Have questions? I’m here to help.

This field is for validation purposes and should be left unchanged.
This field is for validation purposes and should be left unchanged.
Categories
Accounting and Tax Services Litigation Support Managed Care Consulting Managed Care Contract Negotiations Medical Practice and Healthcare Entity Valuation Medical Practice Assessment Medical Practice Brokerage Medical Practice Embezzlement Consulting Medical Practice Management Medical Practice Merger Advice Medical Strategic Planning Newsletter Personal Financial Planning Oversight Physician Compensation Models Physician Compliance Physician Financial Management Services Retirement Uncategorized
About Reed Tinsley, CPA

As a top advisor to physicians, I help increase practice profits by delivering hands-on, expert medical accounting/tax support, practice counsel, and revenue-building strategies. Read More >

Reed Tinsley, CPA