![]() If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution, or duplication of this communication is strictly prohibited. It is intended only for the use of the person(s) named above. ![]() The information contained in this transmission may contain privileged and confidential information, including patient information protected by federal and state privacy laws. It’s a good idea to have a disclaimer for your email. ![]() Here’s one place to look to get reviews and see what’s out there:. Do your research to see what would fit your budget and has the features you’d want in your business. ![]() Not all have a way to communicate with clients. The one that has the BAA is fairly expensive and seems best to use for teams when you want to make sure employees are following HIPAA privacy. They have a free version which is pretty cool and does the job to encrypt your data, but you cannot get a BAA with this. So, technically to be HIPAA compliant you need a Business Associate Agreement (BAA)**. They often require clients to log into their account. These services encrypt your email so you can communicate PHI securely. This can be used to send PHI to clients, and in theory you could have a shared Google doc for communicating versus using email directly. You will need to treat this as a regular email account as far as that goes.īut, you can consider using Sookasa, which is an additional application that you can purchase to encrypt the information you have in the cloud. But, don’t think you can submit PHI to clients securely with this! Things are secure when sending emails within your organization, but not to clients (since you don’t have control of security on their end). You can sign a BAA (Business Associate Agreement)** with the Basic plan. It provides more security than regular gmail. Probably the most affordable option for new businesses. ![]() You still need to be cautious, which means you should still have a way to communicate that is secure. “ the Privacy Rule does not prohibit the use of unencrypted e-mail for treatment-related communications between health care providers and patients, other safeguards should be applied to reasonably protect privacy, such as limiting the amount or type of information disclosed through the unencrypted e-mail.” 2 I’m going to just go right to the sources on this one and let them tell you how it is: Surprise! That often comes as a shock to people, but they say you can! Covered entities are defined in the HIPAA rules as (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which HHS has adopted standards 1ĭid you know that HIPAA actually allows you to email clients? Don’t risk those hefty fines or your OT license.Ĭovered Entities. What are you to do when you want an easy way to communicate with clients?įirst, as an OT who is using an electronic device to communicate with clients know that you are a HIPAA-covered entity it’s better to be safe than sorry. When you’re starting a business, funds are low and your budget is tight, so starting with a fancy electronic medical record (EMR) with a HIPAA-compliant portal is often not an option. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |