One of the primary reasons why the United States government passed the Health Insurance
Portability and Accountability Act (HIPAA) was to
encourage the use of new technology in the healthcare field by estabalishing rules to
protect the privacy of
patients. A key aspect of HIPAA relates
to the security of data regarding patient records and other vital information that should
remain private under federal law.
If you work in a healthcare office, you may be wondering if text messages, emails, automated voice calls and other forms of communication are acceptable as a means to remind patients of upcoming appointments under HIPAA.
The answer is yes. The Health and Human Services (HHS) department has stated that appointment reminders are allowed under the HIPAA Privacy Rule (see here).
Of course, please keep in mind that we are not lawyers and can not give official legal advice.
The Department of Health and Human Services has officially stated that phone calls, text messages and emails are all effective and legal ways to communicate with patients regarding their upcoming appointments under HIPAA requirements. Reminding patients about appointments that they may have made days, weeks or months before is critical to providing patients with timely care and to the efficient operation of the medical office. HHS understands this importance.
When sending text, voice and email appointment reminders, it is important to realize that someone other than the intended party may see or hear the message. Because of this, you should take care to not include detailed notes about the appointment, diagnosis, or treatment plans. Apptoto's default message schedules comply with this and include only
With HIPAA appointment reminders, healthcare providers are required to comply with reasonable requests regarding the format of the reminders. For example, if a patient wishes to opt out of receiving text messages the patient can request another type of reminder. The healthcare office is not required to make a phone call or send a text message reminder if this is not a service provided by the office to other patients. However, the healthcare office will need to cease sending reminders if a patient makes the request to do so.
HIPAA appointment reminders serve an important purpose for the healthcare office as well as for the patient. Medical service providers may consider setting up service with an appointment reminder service provider if they do not currently do so. Apptoto is a highly cost-effective and convenient option to consider, and is designed to be HIPAA-compliant. Medical offices may also ask patients to state their preference regarding a type of reminder or to opt in to receive appointment reminders, and the appointment reminder service provider can work with the medical office to set this up effectively.
In order for a service provider to be fully HIPAA compliant they must adhere to HIPAA's
Privacy Rule, HIPAA's Security Rule, and be willing to sign a Business Associates Agreement (BAA).
Our HIPAA compliance program does all three by providing: