Q: I work for a small rural hospital, and we have a lot of budget limitations for technology upgrades. Can we allow clinical staff to use their personal cell phones and mobile devices to communicate with patients? If so, how can we keep our calls, email, and text messages HIPAA compliant?
Patients are getting emboldened in the digital age and want quicker, more efficient—immediate, really—access to medical records. Further, the government is reinforcing existing regulations and creating new rules around data sharing that require entities to make healthcare records more accessible and deliver records to patients in their desired electronic format. Technology innovation has made this much easier for healthcare facilities to accomplish.
Q: We do in-depth HIPAA assessments for our clients, but some clients want a simple assessment that they can keep up with them to maintain compliance. Do you have any recommendations for streamlining security assessments?