HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

Recorded Webinar | Paul R. Hales | From: Nov 30, 2021 - To: Dec 31, 2021

Training Options & Pricing

Error Conference Exists In Wish-list.

Congrats Conference Added In Wish-list.

Recording
   $199  
DVD
   $209  
Recording + DVD
   $399  
Transcript (Pdf)
   $199  
Recording & Transcript (Pdf)
   $389  
DVD & Transcript (Pdf)
   $399  


Order Form

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted.

There is only one exception. Patients have the absolute right to communicate with Covered Entities by unencrypted email and text message – if the patients have been informed there is some level of risk and prefer using unencrypted electronic transmissions.

It also will explain when Emails and Text Messages containing PHI must be encrypted and the simple 3 Step HIPAA Safeguard that fully protects Covered Entities from HIPAA violations when communicating with patients by unencrypted email and text message – even if the unencrypted transmission is intercepted.

Regular (unencrypted) Email and Text Messaging are effective engagement and communication tools for routine communications like appointment reminders. Patients like and have the right to use them.

The Internet is awash with misinformation about Health Care Email and Text Messaging that can get Covered Entities into serious trouble. Part of the problem is a common misunderstanding of how HIPAA defines PHI. It’s much more than information about an individual’s medical condition, prescribed treatment, diagnosis, or medications as the webinar will explain.

On April 1, 2021, the U. S. Supreme Court issued a unanimous ‘blockbuster’ decision about the Telephone Consumer Protection Act (TCPA) that affects Health Care text messaging. The webinar will cover that decision and explain why it did not give blanket permission to text patients. HIPAA – and the 3 Step Safeguard are still in full force and effect.

The key takeaway is how Covered Entities can protect themselves fully from HIPAA violations and comply with the patient’s right to receive unencrypted Emails and Texts containing PHI. Just a simple 3 Step Safeguard is all that is needed.

Areas Covered:-

  • A brief review of HIPAA and the unanimous Supreme Court TCPA decision
  • How HIPAA defines PHI - it's not just medical information about, for example, a diagnosis, surgical procedure, or prescription
  • A Patient’s absolute right to receive PHI by standard (unencrypted) Email & Text Message
  • The simple 3 Step HIPAA Safeguard that protects Covered Entities from HIPAA violations when complying with the patient right to communicate by standard, unencrypted Email, and Text Message
  • When Covered Entities must encrypt Emails and Text Messages

Why should you Attend:-

You will find out how to use and document the 3 Step Safeguard to protect your organization when communicating with patients by regular Email and Text Messages. The 3 Step Safeguard is a complete “Safe Harbor” from HIPAA violations and exposure to unquestionable, serious Risks if you don’t take advantage of this safeguard.

Who Should Attend:-

Health Care Covered Entities

  • Health Care Providers
  • Clinics
  • Hospitals
  • Health Care Practices of all types and sizes
  • Physical, Occupational, and Behavioral Therapists
  • Health Plans
  • Group Health Plan Administrators
  • Third-Party Group Health Plan Administrators
  • Health Plan Administrators
  • Personnel
  • Executive Management – all Covered Entities
  • Compliance Committee – Covered Entity Board of Trustees
  • Practice Managers – Covered Entities
  • Chief Compliance Officer – all Covered Entities
  • HIPAA Compliance Officials – Privacy and Security
  • Patient Engagement and Marketing Specialists
  • Patient Outreach Coordinators
  • Risk Managers
  • Covered Entity Owners and Senior Management
  • Compliance Committee – Physician, Practitioner-owned Covered Entities
  • Attorneys for Covered Entities – In-house and Outside Counsel


Vendors and Business Associates

  • Vendors of Email and Text Message patient engagement services
  • Billing companies
  • Collection Agencies
  • Practice Management companies
  • Vendors of patient satisfaction surveys using Email and Text Messages
  • Health Care Marketing Consultants
  • Health Care Compliance Consultants
  • Law Firms

Paul R. Hales

Paul R. Hales received his Juris Doctor degree from Columbia University Law School and is licensed to practice law before the Supreme Court of the United States. He is an expert on HIPAA Privacy, Security, Breach notification and Enforcement Rules with a national HIPAA consulting practice based in St. Louis. Paul is the author of all content in The HIPAA E-Tool, an Internet-based, Software as a Service product for health care providers and business associates.