HIPAA Requirements

How to Keep Your Practice’s Communication HIPAA-Compliant

HIPAA compliance is a top concern for medical practices, and for good reason–violations can result in serious consequences, including large fines and potentially even jail time. To make things more complicated, the laws themselves tend to be rather vague on what actions practices need to take to become HIPAA-compliant.

Medical practices need to protect private patient data, but they also need to be able to go about the daily business of running a practice as efficiently as possible. Technology can certainly make day-to-day operations more efficient, but new technologies also bring about new concerns with HIPAA compliance. Many practices are hesitant to adopt new technology for that very reason.

When practices do decide that they want to use technology to communicate with patients and other practices, it can be difficult to figure out where to begin because HIPAA laws can be quite vague. Practices don’t want to slip up and have to pay the price (often, quite literally) for a violation.

So, what can you do to keep your practice’s communications on the right side of HIPAA guidelines? We highly recommend working with an expert on HIPAA laws to make sure your communication is always compliant.

If you’d like to learn more on what HIPAA-compliant communication entails throughout your practice, including marketing efforts, emails, appointment reminders, patient portals, and communication with other practices, we have put together this list of helpful resources to help you stay up to date on the latest recommended best practices for HIPAA-compliant communication.

Emailing Patients

Patients who are always on-the-go may prefer to communicate with you via email. If patients request email communication, you must make that option available to them, but you still need to take the proper precautions to protect your patients and your practice from HIPAA violations.

HIPAA Compliance for Email

The Impact of HIPAA on Email Communications — What You Need to Know Before You Click ‘Send’

HIPAA, E-mails, and Texts to Patients or Others

The Facts about HIPAA and Email/SMS Communication with Patients

Appointment Reminders

Even appointment reminders can be considered private health information if done improperly. You may wish to use technology to automate this routine process and free up your employees’ time for other tasks, but you need to make sure that you aren’t inadvertently giving away private patient information in the process.

Department of Health and Human Services – Statement on appointment reminders by phone and email

How to Send Automated Medical Appointment Reminders Without Jeopardizing Patients’ Data Security

Are Appointment Reminders HIPAA Compliant?

New consent rules for contacting patients on mobile phones

Patient Portals

Practices are required to implement and use a patient portal to meet Meaningful Use requirements. However, patient portals are still subject to HIPAA laws and may in fact pose the greatest security risk of all practice communications because of the amount of information they contain. Always do your research before choosing a vendor for your patient portal to make sure they will keep you covered.

Patient portals pose new security issues

Patient Portals: Security Concern or Effective Tool?

Security vs. Usability

Communicating with Other Practices

It’s important for your practice to be able to communicate with your patients’ other healthcare providers to be able to provide the most comprehensive care possible. However, it can be quite challenging communicate with other practices in a manner that is both efficient and HIPAA-compliant. These resources include suggestions on improving your communication strategies while protecting private information.

Sharing Patient Records Is Still A Digital Dilemma For Doctors

Department of Health and Human Services – Statement on sharing information with other practices

HIPAA Faxing: How To Send and Receive Faxes in a Secure and Compliant Way

The Dangers of Sharing Patient Information via Text/IM

As a healthcare provider, your days are usually very busy, and it’s likely that the doctors you need to communicate with are equally as busy. When you need to share information, whether it’s a quick update on a patient or a request for a consult, it can be tempting to just send a quick text or instant message. If texting/instant messaging is your preferred form of communication with other doctors, you need to approach with caution.

Can Text Messaging be HIPAA Compliant?

HIPAA Compliance for Clinician Texting

“HIPAA-COMPLIANT” Texting of PHI: The Good. The Bad. The Ugly.

Not texting in healthcare? Here’s why you should

Want more practice marketing tips? View our 50 Ways to Market Your Practice guide!

View the Guide