HIPAA, TCPA & CMS Compliance for Email and Text Messaging

Overview

Despite widespread misinformation online, HIPAA Covered Entities—such as health care providers and health plans—can legally communicate with patients via unencrypted email and text messages. In fact, when individuals prefer unencrypted communications, Covered Entities are required to honor that choice.

Covered Entities only need to follow a simple "3 Step Safeguard" to avoid violating HIPAA regulations administered by the Office for Civil Rights (OCR) and the Telephone Consumer Protection Act (TCPA) enforced by the Federal Communications Commission (FCC). The U.S. Centers for Medicare & Medicaid Services (CMS) also has straightforward text messaging rules that are often overlooked but easy to follow.

These rules also extend to HIPAA Business Associates who send or receive PHI on behalf of Covered Entities.

This webinar will clearly explain the regulations, provide real-world examples, and show what to do—and what not to do—using examples from major, respected healthcare providers. The key takeaway is a simple method to protect your organization from HIPAA/TCPA violations.

Why You Should Attend

Attend this webinar to:

• Learn how to comply with HIPAA, TCPA, and CMS rules for emails and text messages containing PHI.

• Understand and implement the 3 Step Safeguard to protect your organization.

• Identify when emails and texts containing PHI must be encrypted versus when unencrypted communication is permissible.

Areas Covered in the Session

• Overview and Key Takeaways

• How HIPAA defines PHI—broader in scope than commonly perceived

• When you must encrypt emails and text messages containing PHI

• When unencrypted email and text messaging is appropriate for patient communication

• HIPAA rules for email and text messaging

• Key definitions and compliance concepts

• The 3-Step Safeguard for patient emails and text messages

• TCPA compliance: FCC rules and relevant Supreme Court decisions

• Guidance on encryption and enterprise-wide compliance tips

Who Will Benefit

• Health Care Covered Entities

• Health Care Providers, Clinics, Hospitals, and Practices of all types and sizes

• Physical, Occupational, and Behavioral Therapists

• Health Plans and Group Health Plan Administrators

• Third-Party Administrators

• Personnel and Executive Management of Covered Entities

• Compliance Committees and Boards of Trustees

• Practice Managers and Chief Compliance Officers

• HIPAA Compliance Officials (Privacy and Security)

• Patient Engagement and Marketing Specialists

• Patient Outreach Coordinators

• Risk Managers

• Covered Entity Owners and Senior Management

• Attorneys (In-House and Outside Counsel)

• Vendors and Business Associates, including:

  • Email/Text Message Patient Engagement Services

  • Billing and Collection Companies

  • Practice Management Companies

  • Vendors of Patient Satisfaction Surveys

  • Health Care Marketing and Compliance Consultants