Overview:

Patient Engagement is widely recognized as essential for improving the quality of healthcare in the United States. Coordination of Care through Patient Engagement is a cornerstone of MACRA and revisions of Federal healthcare payment policy. Certified Electronic Health Record Technology (CEHRT) includes secure patient portals and secure messaging. Encrypted text message and email products are available from vendors.

But patients overwhelmingly choose easy-to-use unencrypted email and text messaging systems. Tens of thousands of unencrypted appointment reminders, healthcare instructions, patient satisfaction surveys, health and wellness newsletters and recall reminders are sent every day exposing Healthcare Providers to unnecessary, easily avoidable risks. HIPAA provides a simple, but little known "Safe Harbor" for Healthcare Providers that permits unencrypted email and text message transmissions to a patient.

Why should you Attend: The HIPAA Rules for sending Protected Health Information (PHI) by unencrypted electronic transmission are clear - and new. The first became effective with the HIPAA Omnibus Rule (September, 2013). Further, important guidance was published by the U. S. Department of Health and Human Services in 2014 and 2016. There is a simple 3 step HIPAA "safe harbor" that frees Covered Entities and Business Associates from any responsibility or liability for unauthorized access to Protected Health Information (PHI) in unencrypted emails and text messages during transmission and after receipt by the patient.

There are widespread violations of the HIPAA Rules for communicating with patients by unencrypted email and text message - largely because Providers and Business Associates just don't know the rules - and don't understand what PHI really is - as defined by HIPAA. The HIPAA Rules and HHS/OCR guidance provide a simple, easy to use 3 Step Safe Harbor for using unencrypted email and text messaging to engage patients. This session will explain the 3 Step HIPAA Safe Harbor. The secret is - HIPAA Rules are easy to follow, step-by-step - when you know the steps.

Areas Covered in the Session: This webinar for HIPAA Covered Entities and Business Associates will cover:

• MACRA-MIPS - Patient Engagement - the Required Objective: Protecting Patient Health Information and Measure: HIPAA Risk Analysis
• A clear explanation of the simple 3 Step HIPAA Safe Harbor that protects Covered Entities (and Business Associates acting on their behalf) from liability related to Patient Engagement by unencrypted email and text messaging
• HIPAA Law that covers unencrypted email and text messages - What emails and text messages are subject to HIPAA Law
• What Protected Health Information (PHI) really is - according to HIPAA - a clear explanation of how HIPAA defines PHI - it's not just information about, for example, a diagnosis, disease, surgery or prescribed treatment
• How a 2015 Federal Communications Commission Order about health care text messages added to confusion and what it really means - the 3 Step HIPAA Safe Harbor is the only text message Safe Harbor for Covered Entities and Business Associates
• The absolute ban on unencrypted text messaging of PHI by Joint Commission in collaboration with the Centers for Medicare & Medicaid Services (CMS)
• The interconnected liability of Covered Entities and Business Associates that provide unencrypted electronic patient engagement services like appointment reminders - and how both can protect themselves
• Responsibility - and liability of Senior Management and Boards of Trustees

• Hospital Trustees
• C-Suite Executives
• HIPAA Compliance Official
• HIPAA Privacy Officer
• HIPAA Security Officer
• Health Information Technology Supervisor
• Practice Manager
• Risk Manager
• Dentist
• Optometrist
• Chiropractor
• Physical Therapist
• Podiatrist
• Healthcare Marketing Specialist
• Healthcare IT Vendor/ Sales Manager
• Healthcare Communication Professional