HHSLive Webcast: HHS Mandatory Email & Text Message Encryption Rules with One Exception
As per the new requirements of HHS and CMS, all emails and text messages with Protected Health Information (PHI) should be encrypted with one following exception.
Patients hold the fundamental right to communicate with Covered Entities through unencrypted text or email if they have a preference for unencrypted electronic transmissions or if they are informed of any type of risk.
The requirements also clarify the following aspects:
- When PHI containing emails or text messages needs to be encrypted
- 3-steps HIPAA Safeguard that comprehensively protects Covered Entities from HIPAA violations if any unencrypted electronic transmissions get intercepted.
Usually, patients prefer regular (unencrypted) emails or text messages that serve the purpose of routine communications or appointment reminders. However, the internet is full of scammers who misguide patients about the Covered Entities through email and/or text messaging. One of the most common misconceptions is how HIPAA defines PHI. The U.S. Supreme Court issued a unanimous ‘blockbuster’ decision about the Telephone Consumer Protection Act (TCPA) on April 1, 2021, that affects healthcare text messaging.
The Live Webcast that’s going to take place on December 22, 2022, is about to cover
- How HIPAA defines PHI
- The simple 3-step HIPAA safeguard.
- Why the TCPA did not give blanket permission to text patients
- A patient’s absolute right to receive PHI by unencrypted email and text messages
- In what circumstances Covered Entities should encrypt electronic transmissions
The whole point is to keep Covered Entities safe from any kind of HIPAA violations and comply with the patient’s right to receive unencrypted emails and text messages containing PHI.