Now There’s an App for HIPAA Compliant Communications
Mobile devices like handheld tablets and smartphones with apps for HIPAA compliant communications allow doctors unparalleled flexibility. But along with the convenience and new uses of photographic and data transmission of patient health information (PHI), every provider must be aware of the legal implications of using these technologies. Now, there’s an app for HIPAA Compliant Communications. Here’s why it’s important.
In an informative article from the Advisory Board, Stacy Cook of Barnes & Thornburg LLP discusses how doctors and therapists can maintain HIPAA compliance as the usage of mobile devices increases among staff and patients. “Mobile devices are not mere cell phones. People often forget that mobile devices are essentially handheld computers where one can easily access and transmit PHI.
For instance, mobile device users transmitting and receiving PHI via public Wi-Fi or email applications on mobile devices are using unsecure mobile networks. This puts PHI at risk of interception. Most mobile devices can take and store photographs, which can be a compliance concern if the pictures violate their privacy. Also, with any mobile device that is relatively small in size, providers must be concerned about misplacement and/or theft resulting in the unintended loss of PHI.
Mobile devices also pose unique storage challenges for providers. This is because individual users can dictate where information is stored. Cloud storage is popular among mobile device users, and users storing PHI in clouds may be putting the cloud provider at risk if a HIPAA business associate agreement is not signed.
To minimize PHI storage liability, most providers now require cloud storage capabilities to be turned off on company-issued mobile devices. However, the major challenge is still managing employees’ and business associates’ personal mobile devices.”
Use a HIPAA Compliant App for PHI Communications
Providers should know that the majority of health-related apps are not HIPAA compliant. Fitness related apps do not need to be HIPAA compliant. But apps that deal with PHI and/or allow providers and patients to communicate with each other must meet the regulatory standard for HIPAA compliance. Ask for credentials and business agreement certifications. Ensure an app supports a HIPAA compliant phone and communication system. Best of all a bundled communication system allows clinicians to choose from a variety of HIPAA-compliant mediums to safely discuss and/or share PHI. It needs to easily integrate with popular office software and EHR systems.
Risk Management Steps
“Providers should develop policies and procedures outlining mobile device usage standards,” states Cook. “Policies should state whether or not personal mobile device usage is allowed and if so, the usage parameters should be clearly defined. Providers should also be clear as to which party is responsible for security and encrypting the mobile devices. Once mobile device policies are in place, providers should perform periodic audits to ensure that compliance is upheld.”
In Case of a Breach
Cook writes, “Under HIPAA, if the organization is a covered entity (CE) and a breach occurs, then each patient whose PHI was compromised needs to be notified.
Providers should have written policies and procedures in place. They should outline how to investigate a breach and actionable steps to prevent future breaches. Providers must report breaches involving 500 patients or more to the Office of Civil Rights (OCR) at the same time as the patient notifications. For breaches affecting under 500 individuals, providers can submit an annual report to OCR due February of the succeeding year.
Risks of HIPAA Non-compliance?
Under HIPAA, providers can face financial penalties for PHI breaches. The sanctions for enforcement cases range from $100-50,000 per violation with a cap of $1.5 million per calendar year. Sometimes settlements in excess of this cap occur because the government determined that the violation occurred over a number of years.
A provider’s reputation can also diminish because in addition to reporting to patients and the OCR, CEs are required to report to the media in some situations.”
An App for HIPAA Compliant Communications
RingRx delivers a state of the art HIPAA compliant communications system built specifically to meet help make doctors’ lives easier. And this includes an app for HIPAA compliant communications relayed on your smartphone. It’s convenient, secure and delivers high value.
To learn more about a HIPAA compliant for system for doctors, dentists, therapists and clinicians, please visit www.RingRx.com.
RingRx: A Simpler, Better Communication System. One Platform. All Your Devices. HIPAA Compliant and MACRA Ready.
RingRx unifies all digital communication streams from your mobile device, business phone and fax—all into one easy to use dashboard. It simply increases efficiency, helps you improve flexibility, makes patient communications more meaningful with every interaction while reducing errors and cost.
To learn more, call our HIPAA compliance phone and communication system experts at 1-888-980-6860.