A question that sometimes comes up with regard to HIPAA compliance is whether email reminders and notifications are HIPAA compliant.
This can seem like a gray area, because appointment reminder and notification emails contain Personal Health Information and are not encrypted. However, the Privacy Rule under HIPAA allows covered entities to accommodate an individual’s request for certain types of communication.
The HHS.gov site gives appointment reminders via email as an explicit example of this:
“A health care provider should accommodate an individual’s request to receive appointment reminders via e-mail, rather than on a postcard, if e-mail is a reasonable, alternative means for that provider to communicate with the patient.”
Also, while logged in to their Jane account, your patients/clients can opt in or out of these appointment reminder/notification emails. Your patients have a real choice!
Still Have Questions?
Have any questions about this guide or anything else related to privacy? Feel free to email Privacy and Security Support at [email protected] and we’d love to clarify anything you’re unsure about!