HIPAA and patient portals

I recently wrote an article about the importance of physician offices having a patient portal and how to implement such a portal. An attorney wrote me the following email reminding me about a HIPAA issue relating to patient portals; thought you might be interested in his reponse:

Just a quick note to compliment you on the patient portal item.  I’ve had recent communications with several health care attorneys and there is one HIPAA issue that I think you need to emphasize when your clients ask you about patient portals.  HIPAA requires a “security assessment” when a patient portal is implemented and, if that is not done and PHI is lost (even inadvertently), the feds could impose a hefty fine.

A recent case against an Anchorage provider reiterates the HHS position on updating training, security assessments and policies and procedures on a routine basis.

Scott Chase
Law Offices of J. Scott Chase
Board Certified, Health Law, Texas Board of Legal Specialization
Dallas, Texas
214-880-0404
email:  schase@airmail.net

Have questions? I’m here to help.

This field is for validation purposes and should be left unchanged.
This field is for validation purposes and should be left unchanged.
Categories
Accounting and Tax Services Litigation Support Managed Care Consulting Managed Care Contract Negotiations Medical Practice and Healthcare Entity Valuation Medical Practice Assessment Medical Practice Brokerage Medical Practice Embezzlement Consulting Medical Practice Management Medical Practice Merger Advice Medical Strategic Planning Newsletter Personal Financial Planning Oversight Physician Compensation Models Physician Compliance Physician Financial Management Services Retirement Uncategorized
About Reed Tinsley, CPA

As a top advisor to physicians, I help increase practice profits by delivering hands-on, expert medical accounting/tax support, practice counsel, and revenue-building strategies. Read More >

Reed Tinsley, CPA