Texting and E-mail in Medical Offices

HIPAA Requirements
•HIPAA Security Rule §164.312(e) requires consideration of encryptionof communications as an Addressable Implementation Specification
–Risk Analysis shows regular texting is NOT secure
–Using regular texting with PHI may be considered a breach
•HIPAA Privacy Rule §164.522 and §164.524 give patients rights of communication preferences and access of information (even if it is not secure)
–Making Patients happy
–Making HHS happy

-Jim Sheldon-Dean