Now There’s a Mobile App for Healthcare and HIPAA Compliant Communications
Mobile devices like handheld tablets and smartphones with apps for HIPAA-compliant communications allow doctors unparalleled flexibility. But along with the convenience and new uses of photographic and data transmission of patient health information (PHI), every provider must be aware of the legal implications of using these technologies. Now, there’s an app for HIPAA Compliant Communications. Here’s why it’s important.
In an informative article from the Advisory Board, Stacy Cook of Barnes & Thornburg LLP discusses how doctors and therapists can maintain HIPAA compliance as the usage of mobile devices increases among staff and patients. “Mobile devices are not mere cell phones. People often forget that mobile devices are handheld computers that can easily access and transmit PHI.
For instance, mobile apps for healthcare users transmitting and receiving PHI via public Wi-Fi or email applications on mobile devices use non-secure mobile networks, which puts PHI at risk of interception. Most mobile devices can take and store photographs, which can be a compliance concern if the pictures violate users’ privacy. Also, with any mobile device that is relatively small in size, providers must be concerned about misplacement and/or theft resulting in the unintended loss of PHI.
Mobile devices also pose unique storage challenges for providers. This is because individual users can dictate where information is stored. Cloud storage is popular among mobile device users, and users storing PHI in clouds may be putting the cloud provider at risk if a HIPAA business associate agreement is not signed.
Most providers now require cloud storage capabilities to be turned off on company-issued mobile devices to minimize PHI storage liability. However, the major challenge is still managing employees’ and business associates’ personal mobile devices.”
Use a HIPAA Compliant Mobile App for Healthcare and PHI Communications
Providers should know that the majority of mobile apps for healthcare are not HIPAA compliant! Fitness-related apps do not need to be HIPAA compliant. But apps that deal with PHI and/or allow providers and patients to communicate with each other must meet the regulatory standard for HIPAA compliance. Ask for credentials and business agreement certifications. Ensure an app supports a HIPAA-compliant phone and communication system. Best of all, a bundled communication system allows clinicians to safely choose from various HIPAA-compliant mediums to discuss and/or share PHI. The system also needs to integrate easily with popular office software and EHR systems.
Risk Management Steps
“Providers should develop policies and procedures outlining mobile device usage standards,” states Cook. “Policies should state whether or not personal mobile device usage is allowed, and if so, the usage parameters should be clearly defined. Providers should also be clear about which party is responsible for securing and encrypting mobile devices. Once mobile device policies are in place, providers should perform periodic audits to uphold compliance.”
In Case of a Breach
Cook writes, “Under HIPAA, if the organization is a covered entity (CE) and a breach occurs, then each patient whose PHI was compromised needs to be notified.
Providers should have written policies and procedures in place. They should outline how to investigate a breach and actionable steps to prevent future breaches. Providers must report breaches involving 500 patients or more to the Office of Civil Rights (OCR) at the same time as the patient notifications. For breaches affecting under 500 individuals, providers can submit an annual report to OCR due February of the succeeding year.
Risks of HIPAA Non-compliance?
Under HIPAA, providers can face financial penalties for PHI breaches. The sanctions for enforcement cases range from $100-50,000 per violation, with a cap of $1.5 million per calendar year. Sometimes, settlements in excess of this cap occur because the government determines that the violation occurred over a number of years.
A provider’s reputation can also diminish because in addition to reporting to patients and the OCR, CEs must report to the media in some situations.”
An App for HIPAA-Compliant Communications
RingRx delivers a state-of-the-art HIPAA-compliant communications system built specifically to help make doctors’ lives easier. This includes an app for HIPAA-compliant communications relayed on your smartphone. It’s convenient, secure and delivers high value.
To learn more about a HIPAA-compliant system for doctors, dentists, therapists, and clinicians, please visit www.RingRx.com.
RingRx: A Simpler, Better Communication System. One Platform. All Your Devices. HIPAA Compliant and MACRA Ready.
RingRx unifies all digital communication streams from your mobile device, business phone, and fax into one easy-to-use dashboard. It simply increases efficiency, helps you improve flexibility, and makes patient communications more meaningful with every interaction while reducing errors and costs.
To learn more, call our HIPAA compliance phone and communication system experts at 1-888-980-6860.