E-Book Text Messaging & HIPAA Compliance

Similar documents
Electronic Communication In Your Practice. How To Use & Mobile Devices While Maintaining Compliance & Security

General Department Policies & Procedures

Encryption. How do I send my encryption key?

Training sessions on the various communication methods will be made available at least once yearly. Guidelines

GUIDANCE October 31, 2008

Additional Information

POLICY FOR THE USE OF TEXT MESSAGING (SMS) FACILITIES

Central Desktop Enterprise Edition (Security Pack)

UC Irvine Health Secure Mail Message Center

FDOH Information and Privacy Awareness Training Learner Course Guide

THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) EMPLOYEE TRAINING MANUAL

Howell Township Public Schools: Instructions for Online Student Registration

10/29/2012 CONSUMER AFFAIRS AND BUSINESS REGULATION AND DATA SECURITY LAW

PHI- Protected Health Information

Gaston County HIPAA Manual

Glenmeadow, Inc. Terms and Conditions of Use Legal Notices/ Privacy Policy

How To Open An Encrypted

The recipient of the message will be able to reply to the SMS, i.e. SMS to .

Executive Vice President of Finance and

Ability to view, download, or print a "Continuity of Care Document" or "Health Summary".

EXHIBIT 2. CityBridge Privacy Policy. Effective November 4, 2014

APPROVED BY: DATE: NUMBER: PAGE: 1 of 9

STATEMENT OF PURPOSE:

stacktools.io Services Device Account and Profile Information

Streamlining Communications at Medical Facilities Across the Globe

Internet, and SMS Texting Usage Policy Group Policy

University of Illinois at Chicago Health Sciences Colleges Information Technology Group Security Policies Summary

Stewardship Data Management User Guide

MEDICAL OFFICE COMPLIANCE TOOLKIT. The Complete Medical Practice Compliance Resource HIPAA HITECH OSHA CLIA

Background Information

HIPAA TRAINING. A training course for Shiawassee County Community Mental Health Authority Employees

Providing Continuous Customer Service since 1976

Encrypted . Page 1 of 8

SENDING HIPAA COMPLIANT S 101

My Docs Online HIPAA Compliance

SMS Text Messaging. Guide & User Instructions Revised. America s Largest Message Notification Provider

Pennsylvania Department of Public Welfare. Bureau of Information Systems OBSOLETE. Secure User Guide. Version 1.0.

Title Electronic Scheduling of Equipment. Boston University Photonics Center Page 1 of 10

Your Archiving Service

Clear Creek ISD CQ (REGULATION) Business and Support Services: Electronic Communications

By the end of this course you will demonstrate:

Medical Privacy Version Standard. Business Associate Agreement. 1. Definitions

Getting Started Manual: Authors

Administrators Guide Multi User Systems. Calendar Year

Frequently Asked Questions About MyBrowardHealth

Keeping a Finger on the Pulse of Social Media in Healthcare: Understanding Evolving Roles and Risks

South Side Bank s Bill Pay User Guide

Secure User Guide

Acceptable Use of ICT Policy For Staff

Revelstoke Board of Education Policy Manual

HIPAA Security. 4 Security Standards: Technical Safeguards. Security Topics

Wimba Pronto. Version 3.1. Administrator Guide

SMS Text Messaging to Service Users Policy

MU Emergency Notification Messaging System (MU Alert) Frequently Asked Questions

Rocklin Unified School District Employee Authorized Network, Internet Usage, and Privacy Agreement

Privacy Policy. Peeptrade LLC ( Company or We ) respect your privacy and are committed to protecting it through our compliance with this policy.

Mobile Health Apps 101: A Primer for Consumers. myphr.com

CONTACTING SERVICE USERS BY TEXT MESSAGES (SMS) POLICY

Zipit Chat. Functional Specification / User Manual

Cisco Unity Express 8.5 Voic System User s Guide for Advanced Features

Georgia Immunization Registry (GRITS)

Southern Law Center Law Center Policy #IT0004. Title: Policy

Encryption. For the latest version of this document please go to: v 1.0 May 16,2011 Audience: Staff

I.T. Services. Quick Start Guide. E mail at Hope

THE LIMES MEDICAL CENTRE. Patient Access User Guide Edition 1

Introduction to HIPAA Compliance Checklist:

ONLINE PRIVACY POLICY

Quick Reference Guide for Avaya Distributed Office voice mail

Digital Signatures for Form 8879 and Engagement Letters. Revealing the Truth about Client Portals and File Sharing Systems

Adjust Webmail Spam Settings

United States Citizenship and Immigration Services (USCIS) Enterprise Service Bus (ESB)

Donna S. Sheperis, PhD, LPC, NCC, CCMHC, ACS Sue Sadik, PhD, LPC, NCC, BC-HSP Carl Sheperis, PhD, LPC, NCC, MAC, ACS

Word Secure Messaging User Guide. Version 3.0

Creating a Google Voice Account:

Wakefield Council Secure and file transfer User guide for customers, partners and agencies

Tax and Accounting Document Delivery

Electronic Procedure Guide for Sections

Slide 1. Slide 2. Agenda

WEBSITE HOSTING SERVICES AGREEMENT. Effective Date: 1/1/2015

Federal Bureau of Prisons

MICROSOFT OUTLOOK 2010

A common sense guide to the Data Protection Act 1998 for volunteers

Pacific Medical Centers HIPAA Training for Residents, Fellows and Others

Department of Veterans Affairs VHA HANDBOOK Washington, DC October 15, 2003

Subscription Administrator Guide. For GS1 Canada Services

HIPAA Security. 5 Security Standards: Organizational, Policies. Security Topics. and Procedures and Documentation Requirements

Introduction. General Use

HIPAA Privacy and Security

ACRONYMS: HIPAA: Health Insurance Portability and Accountability Act PHI: Protected Health Information

MISSISSIPPI DEPARTMENT OF HEALTH COMPUTER NETWORK AND INTERNET ACCESS POLICY

Volume UC DAVIS HEALTH SYSTEM. HIPAA Security Compliance Workbook. Single - User Guide

Federal Trade Commission Privacy Impact Assessment for:

GETTING STARTED SECURE FILE TRANSFER PROCEDURES A. Secure File Transfer Protocol (SFTP) Procedures

Metropolitan Living, LLC 151 W. Burnsville Parkway, Suite 101 Burnsville, MN Ph: (952) Fax: (651)

Junos Pulse for Google Android

The 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance

PHRU Extranet Terms and Conditions of Use (V6.0) 1. The Policy

Nursing Home Facility Implementation Overview

How To Ensure Your Office Meets The Privacy And Security Requirements Of The Health Insurance Portability And Accountability Act (Hipaa)

BOARD OF EDUCATION POLICY

Transcription:

Protecting & advancing pregnancy medical clinics E-Book Text Messaging & HIPAA Compliance For Life-Affirming Pregnancy Medical Clinics Lorraine Mazurek & Beth Chase January 2012

About the Authors Beth Chase, CEO of Chase Advancement Inc, and Lorraine Mazurek, President of Your Solutions Now LLC produced this E-book for life-affirming Pregnancy Medical Clinics. Beth specializes in organizational development and has over 35 years experience working with pregnancy help organizations. Lorraine has over 27 years experience in upper level management running medical facilities, and is a nationally recognized HIPAA trainer and assists medical clinics (including pregnancy medical clinics) in becoming accredited with the Accreditation Association of Ambulatory Health Care. You may reach them at: Lorraine Mazurek Office: 855-704-5189 Email: lmazurek@solutions-now.net Website: http://yoursolutionsnowllc.com/ Beth Chase Office: 509-886-4894 Email: beth@chaseadvancement.com Website: http://chaseadvancement.com Introduction Text messaging is an effective and efficient way to remind your clients/patients of their appointments and communicate information. However, the Pregnancy Medical Clinic (PMC) that is committed to being compliant in HIPAA privacy regulations must use a text-messaging program that encrypts your messages, have policies and procedures regarding their text messaging practices and must use a disclaimer on all email messages. The purpose of this E-book is to provide information about text messaging, sample guidelines, policies/procedures and forms that will help your PMC to meet the HIPAA standards for texting.

Text Messaging & Pregnancy Medical Clinics (PMC) What is Text Messaging? Text messaging is a short message service more commonly known as SMS. The service allows for short text messages to be sent from one cell phone to another cell phone or from the Web to another cell phone. SMS messaging is used pervasively around the globe. According to the Nielsen Company, the average Gen Y sends over 3,339 text messages a month. 1 Text messaging has its limitations. Including spaces, text messages traditionally cannot exceed 160 characters. While the bulk of a cell phone bill typically is its voice minutes or data usage, text messages are either included in the voice plan or are added as an extra cost. Five Texting Risk Management Concerns for Pregnancy Medical Clinics 1. No Cell Phone to Cell Phone Texting For risk management purposes, Pregnancy Medical Clinics should ONLY use Web based communications when texting their patients/clients as cell phone to cell phone texting is not as secure as using the computer. 2. Avoid Text Speak Text messaging in this context is a professional communication; hence text speak should be avoided. 3. Must include an Opt Out Option Organizations must include an opt out option on text messages. 1 http://mashable.com/2010/10/14/nielsen-texting-stats/

4. Texts Must Be Free to End Users Pregnancy Medical Clinics must send text messages free to end users so patients/clients without text service or limited text service on their cell phones avoid unwanted charges. 5. Risk of Urgent Care There is risk that patients may respond to the text and seek other information (for example, clinical advice). Careful consideration should be given to this potential problem, particularly given that there is a possibility that a patient may seek urgent advice outside of the organization s regular business hours. What Information Should Be Provided? Inform patient/clients of the organization s text messaging service and the limitations. You can accomplish this in the consent form, the organization s website and/or a brochure given to the patient/client. This information needs to be updated periodically to reflect changes in technology, federal, state and local rules and regulations and changes in the organization s services and policies. What Information Is NOT Appropriate For Pregnancy Medical Clinics To Send By Text Message? Be careful about the information sent in text messages; in general, terms, text messaging lends itself to sending out generic reminders. Do NOT text clinical information about the patient/clients and patients/clients need to be aware of this in the materials provided to them as discussed above. Pregnancy Medical Clinics should not rely on text messaging alone in issuing reminders or follow up; it should be part of a wider strategy.

Does Text Messaging Need To Become Part Of The Medical Record? YES, the text message is part of the patient s medical record, hence, it is important that the consent for the text message is recorded in full, as well as the date and time that it was sent and the content of the message. Any response received should also be recorded in the patient s medical record in the same way. Do Text Messages Need To Be Archived? YES, all text messages must be saved and archived. All text messages that are archived must be maintained for up to seven (7) years. How is Consent Taken? The patient s consent or refusal must be clearly recorded in the patient s medical record. Do not assume that just because you hold the patient s mobile telephone number in their medical record, they have provided consent for text messages to be sent. Only send text messages to those patients where consent has been given for this form of communication and it has been recorded in the patient s medical record. During an appointment, the patient should be asked whether they would be interested in receiving communication via text messaging. The patient s consent or refusal should be documented on the Text Messaging Consent/Declination Form and placed in their medical record. It is important to state on the consent what type of text messages they can expect to receive. It is also important to inform the patient that if they change mobile phone numbers or give their phone to a family member or friend, that information be communicated to the organization to ensure privacy and security.

Characteristics of Good Policies & Procedures Good Policies - Are simple, consistent and easy to use. They are written in clear, concise, simple language. Policies address the rules rather than how to implement the rule. If you use an acronym, spell it out the first time you use it. The board of directors should approve all policies but do not approve procedures. Good Procedures Describe the step-by-steps instructions, guidelines, and actions tied to policies in such a simple way that a new employee or volunteer can easily understand them. Unnecessarily restrictive procedures may limit usefulness, therefore, offer options if feasible. The board of directors does not approve procedures. Text Messaging Policies for PMCs Should Include Allowing the use of text messaging by the PMC Defining what texting would and would not be used for (see our sample policy found at Not allowing text speak messaging All text messages will be free of charge to end users or receivers and include an opt out option on all messages. Patients/clients will sign a text consent/decline form prior to PMC sending text messages. Form will comply with HIPAA standards. Allowing first time or non-patient/client callers to be sent appointment reminders and requiring that a phone log is used to track such actions How text messages will be kept and archived

Tips to Increase Your Email Security Use a 16-digit Password and Change It Every Month. This 16-digit password should be a combination of upper and lower case letters, numbers and characters (i.e., #,!, *, &) and should be changed every month. IT security experts say this will usually stop hackers from accessing your computer, email and websites. Keep Security Software Updated Mark the second Tuesday of the month on your calendar as many computer systems/software updates are released on this day. Use an Email Disclaimer Every email message should have a disclaimer attached to the bottom. Below is one that meets HIPAA standards. This email is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged and confidential. If the reader of this email message is not the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is prohibited. If you have received this email in error, please notify the sender and destroy/delete all copies of the transmittal. The above information is just a sampling of the issues surrounding email security and HIPAA compliance. Watch for e-book coming in April 2012 about email and HIPAA compliance. To order & download the text forms & policies & procedures go to - http://yoursolutionsnowllc.com/pregnancy-medical-centers.php

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information