Professionalizing Your Practice: HIPAA Email Disclaimer
Would you say that email communication is one of the primary ways that you “speak” to your clients? You are probably like many other healing professionals who use email since it is fast, easy, and most people have email accounts. If this is the case with you, then consider adding a HIPAA disclaimer to your messages for your practice. Why should you do this?
You already know that client confidentiality rests at the core of HIPAA and to satisfy the requirements, you maintain certain procedures and documentation for confidential and personal information. So how does HIPAA compliance affect email communications? While you might say that you usually don’t include sensitive personal information in client emails, having a disclaimer is a smart risk preventation step to take.
There are several reasons why adding a HIPAA disclaimer is advised:
- The disclaimer reminds you and your associates about HIPAA and the importance of following HIPAA protocol when dealng with sensitive information.
- Clients are educated on how to protect and respond when they receive an email message from you.
- Recipients are warned that private information could be compromised, and the message might contain sensitive information that’s not 100% secure.
- In cases where an email is sent to the wrong person, the HIPAA disclaimer requests recipients to forward the email to the correct party and/or properly dispose of it.
If adding a disclaimer to all your outgoing client emails sounds like a nuisance, it is actually quite simple. All you need to do is add the HIPAA disclaimer wording to your email system’s signature template and you’re set!
And if you need more good reasons to add a disclaimer template, here are a few:
- Disclaimer wording includes only what you want to say
- Avoids omitting important messaging
- Retains important clauses you need to keep
- The format of a personally worded disclaimer could be incorrect
To make it easy for you, here is a disclaimer for you to use:
WARNING: CONFIDENTIALITY NOTICE – This email, including any attachment, may contain confidential information with is intended only for the use of the individual(s) or entitled named. If you received this email message in error, please immediately notify the sender by email and delete it. Dissemination, forwarding, printing or copying of this email without prior consent of the sender is strictly prohibited. Thank you for your compliance.
Adding a HIPAA disclaimer also tells your clients that you care about their privacy, and you are vigilant about maintaining confidentiality. And that is smart marketing on your part!
NOTE: If you are not sure whether you are a practitioner required to follow HIPAA, the following information might be helpful:
You would need to be HIPAA compliant if you respond “yes” to any of the following:
- You maintain session notes for each client
- You require intake forms from each client
- You have client communications containing confidential information
- You have liability or malpractice insurance coverage in case client files are subpoenaed
If you get the feeling that HIPAA is a little vague with its definition of “covered entity” and you’re not sure whether the law applies to you, it is always smart to take the HIPAA path regarding the handling of private information. Remember, you are a guardian of your client’s confidential records, not the owner, and respect for the privacy of your clients takes precedence.