Are confidentiality disclaimers appended to the bottom of e-mail an effective way for our organization to comply with HIPAA?
HIPAA Weekly Advisor, July 24, 2006
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
The confidentiality notices that are appended to e-mail (and often to confidential faxes) do not absolve you of liability if you send the information to the wrong party. Such notices are also not required by the privacy or security rules.
What the confidentiality notices do provide, however, is added legal protection. They demonstrate that you have made an effort to communicate to the appropriate party and, if the e-mail or fax is somehow sent to an inappropriate third party, you have made an effort to communicate the confidential nature of the e-mail or fax, generally with instructions to contact the sender and destroy the e-mail or fax.
As it is not possible to fully protect against sending data to the wrong person, these confidentiality notices cannot be your only protection. Address this risk in a policy and procedure (e.g., the person sending the e-mail or fax must verify the e-mail address or fax number before sending the confidential information).
Editor's note: Chris Apgar, president of Portland, OR-based Apgar & Associates, LLC, answered this question. This is not legal advice. Consult your attorney for legal matters.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Topic: CMS, OESS post new security compliance review information, checklist
- Capturing all necessary codes for IUD insertion and removal can be challenging
- What does case-mix index mean to you?
- QA:Coding multiple initial infusions
- News and briefs: Oklahoma Osteopathic Association against residency bill change
- HIPAA Q&A: Level of encryption needed for email
- OB services: Coding inside and outside of the package
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- CMS has reformulated payments for some bilateral procedures
- Catch up on what's new with injections and infusions
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- Identify modifiable risk factors to prevent patient falls
- Hospitals are not bound by InterQual criteria for determining patient status
- Searched