Snares to watch for on your e-practice path
Snares to watch for on your e-practice path
Be cautious before e-mailing your patients
Before you exchange the first bit of electronic mail with your patients, your practice should do a risk assessment to identify the risks involved and have a plan to address them, advises Gwen Hughes, RHIA, practice manager with the American Health Information Management Association in Chicago.
Set up infrastructure
"Risks include information leakage, data integrity violations, and others. Providers can implement safeguards against most threats but they should know all the applicable laws and standards, as well as the risks before they proceed," she adds.
Hughes suggests that providers establish an information security infrastructure that sets out policies and procedures, training and awareness for staff, and methods to protect the health information against unauthorized access and threats to security.
Here are some elements you should consider:
• Establish rules on who will see the e-mail messages and how they will gain access to the system. This may include office staff, consultants, or whoever covers for the physicians during their absence.
• Explore different vendors who say they can provide a measure of secure e-mail between patients and physicians. Look at encryption methods and passwords to make sure the communication is secure.
• Be careful about leaving e-mail documents visible when no one is at the computer. Consider using screen savers with automatic sign-off so e-mail messages can’t be left visible by accident.
• As you write and reply to e-mail, keep in mind that all e-mail is discoverable in legal proceedings. Don’t open yourself up to liability.
• Explain the inherent risks and benefits of electronic communication to patients. Point out that the information may not be secure. Let them know that e-mail correspondence will be printed out and placed in their paper record.
• Develop written guidelines explaining how and when they should use e-mail and when they should not.
• Have patients who want to communicate by e-mail sign a consent form, indicating that they understand the risks.
• Strongly suggest that your patients confine personal e-mail communication to their home computers, rather than e-mailing you from work.
• Inform your patients how long they should expect to wait for a response to their message.
• Set up an automatic reply that acknowledges receipt of an e-mail message and indicates when the patient can expect a reply.
• Maintain a list of patients who send you e-mail so you can notify them if your system has technical difficulties or will be shut down for maintenance.
• When you send e-mail to a group of patients, send blind copies to each recipient so they won’t learn each other’s identities.
• Never forward patient e-mail to a third party without permission from the patient.
• Encourage patients to print a hard copy of e-mail correspondence for their records.
• Always double-check the e-mail recipient’s address before sending a message.
• Consider listing frequently asked questions on your Web page. If patients tend to ask the same questions, it will save you a lot of typing to refer them to a section of your Web site.
Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.