Health Information Management

HIPAA Q&A: HIPAA and electronic signatures

HIM-HIPAA Insider, July 2, 2012

Q: Are digital signatures permissible on custodian affidavit/declaration forms? Signing electronically instead of printing, signing, and scanning would streamline our process. We've never seen electronic signatures on these forms. Are they admissible in court? Some jurisdictions require original signatures, but we're uncertain what California requires. Are the ­federal e-Sign Act or California's e-Sign law applicable? Our ­organization has locations in 18 states.

A: Digital signatures on custodian affidavit/declaration forms generally are permissible. They meet the more stringent digital signature requirement eliminated when the HIPAA Security Rule was finalized in 2003. Consult legal counsel to determine whether your state allows use of digital signatures on these forms. Some state laws require that certain documents are signed physically, but this is not a HIPAA requirement.
 
Electronic and digital signatures differ significantly-legally and technically. Federal law and many state laws allow electronic signatures on some documents. Electronic signatures can be a picture of a signature, an agreed-upon string of characters, a symbol, a signature typed into a signature block in an ­electronic form, and other personal non-encrypted, agreed-upon identifiers.
 
A digital signature is an encrypted "hash" or tag that is registered to an individual and ­accompanies transmission of electronic data or forms signed via computer. They are much more reliable than electronic signatures because they allow recipients to validate senders and prevent repudiation at a later date.
 
Editor's note: Chris Apgar, CISSP, president of Apgar & Associates, LLC, in Portland, Ore. answered this question, which first appeared in the May Briefings on HIPAA. Apgar has more than 17 years of experience in information technology; he specializes in security compliance, assessments, training, and strategic planning. Apgar is a board member of the Workgroup for Electronic Data Interchange and chair of the Oregon and Southwest Washington Healthcare, Privacy and Security Forum.

    Briefings on APCs

  • Briefings on APCs

    Worried about the complexities of the new rules under OPPS and APCs? Briefings on APCs helps you understand the new rules...

  • Medical Records Briefing

    Guiding Health Information Management professionals through the continuously changing field of medical records and toward a...

  • Briefings on Coding Compliance Strategies

    Submitting improper Medicare documentation can lead to denial of fees, payback, fines, and increased diligence from payers...

  • Briefings on HIPAA

    How can you minimize the impact of HIPAA? Subscribe to Briefings on HIPAA, your health information management resource for...

  • APCs Insider

    This HTML-based e-mail newsletter provides weekly tips and advice on the new ambulatory payment classifications regulations...

Most Popular

Related Articles