HIPAA EMAIL AND ELECTRONIC COMMUNICATION CONSENT
HIPAA stands for the Health Insurance Portability and Accountability Act. HIPAA was passed by the U.S. government in 1996 in order to establish privacy and security protections for health information. Information stored on our computers is encrypted. Most popular email services (ex. Hotmail®, Gmail®, Yahoo®) do not utilize encrypted email. When we conduct telehealth appointments for primary care or health consultations, send you an email, or you send us an email, the information that is sent is not encrypted. The same may apply for video visits, phone calls, or texts. This means a third party may be able to access the information and read it since it is transmitted over the Internet. In addition, once the communication is received by you, someone may be able to access your device or account and read it. Digital services are a very popular and convenient way to communicate for a lot of people, so in their latest modification to the HIPAA act, the federal government provided guidance on email, video, telephonic communications, and HIPAA.
The guidelines state that if a patient has been made aware of the risks of unencrypted email, and that same patient provides consent to receive health information via email, then a health entity may send that patient personal medical information via unencrypted email.
OPTION 1 – ALLOW UNENCRYPTED EMAIL & COMMUNICATION
I understand the risks of unencrypted email and do hereby give permission to the Yorkshire Wellness Group to send me personal health information via unencrypted email.
OPTION 2 – DO NOT ALLOW UNENCRYPTED EMAIL & COMMUNICATION
I do not wish to receive personal health information via email.