NEW HIPAA Compliant Texting Guidance: Avoid Audits & Penalties

Date: Tuesday, August 6, 2024 1:00PM EST Length: 60 Minutes Expert: Iliana Peters, JD, LLM, CISSP

Communicating patient information via text and email may be convenient, but it can also be very dangerous — particularly in light of CMS’ NEW 2024 update to the rules around texting patients.

Federal and State HIPAA laws significantly restrict how you utilize text and email when transmitting patient data. Failure to comply with these complex rules can leave you exposed to a HIPAA audit and significant financial penalties.

Don’t make the mistake of thinking that only hospitals get targeted for a HIPAA violation and end up paying penalties. That was certainly the case in the early years of HIPAA enforcement. However, recently, 74% of penalties were imposed on practices just like yours.

The good news is that you can avoid massive federal and state HIPAA violation fines and penalties with a few simple changes to your current processes. But only if you can identify the danger zones. Figure out how by attending this upcoming online training being presented by the former Head of the HIPAA program for the Department of Health and Human Services, Office for Civil Rights, Iliana Peters, JD, LLM, CISSP.

During this live online training on Tuesday, August 6th at 1 pm ET, Iliana will walk you through exactly how to prevent federal and state violations and fines because of noncompliance with emailing and texting HIPAA laws. You’ll be surprised by what can land you in serious trouble.

Here are just a few of the practical, step-by-step tactics you’ll receive that will help you protect your practice from being penalized for HIPAA compliance violations related to emailing and texting patient information:

  • Discover what CMS’ new Feb. 8 memo requires if you plan to text patients
  • Choose the safest communication method: patient portal vs. email communications
  • Protect yourself from HIPAA violations with one simple item added to your emails
  • Identify when you can send PHI via email – or if you ever should
  • Stop the worst internal text message HIPAA violators from sinking your practice
  • Prevent private email use (i.e., Gmail, Yahoo etc.) from ending in catastrophe
  • Improve HIPAA security for all of your messaging easier than you thought possible
  • And so much more…

WARNING: Texting and emailing HIPAA violations are not always caused by what you might think. For example, you may believe that you’re safe as long as you don’t text your patients – WRONG. The most significant violations generally occur when your providers text or email staff. Also, you may not realize that each individual member of your staff is at personal risk. HIPAA can and does fine individual staff for their involvement in violations.

Regardless of specialty or practice size, your texting and emailing can be a ticking time bomb just waiting to cause a HIPAA explosion. Get the inside scoop on how to protect your practice from email and texting privacy violations by attending this upcoming online training presented by HHS’ former Head of the HIPAA program.

Meet Your Expert

Iliana Peters
JD, LLM, CISSPConsultant, Polsinelli Healthcare Solutions

Iliana believes good data privacy and security are fundamental to ensuring consumer participation in new technologies, employee-employer relationships, patients’ trust in the health care system, students’ confidence in their education, and helping all clients succeed in an ever-changing landscape of threats to data security. She is recognized by the health care industry as a preeminent thinker and speaker on data privacy and security, particularly with regard to HIPAA, the HITECH Act, the 21st Century Cures Act, the Genetic Information Nondiscrimination Act (GINA), FERPA, the Privacy Act, state law data privacy and security requirements, and emerging cyber threats to data.

For many years, Iliana both developed information privacy and security policy, including on emerging technologies and cyber threats, for the Department of Health and Human Services, while coordinating with the Department of Justice, Department of Education, other federal agencies, State Attorneys General and the White House. She enforced HIPAA regulations through spearheading multimillion-dollar settlement agreements and civil money penalties pursuant to HIPAA.

She also focused then on training individuals in both the private and public sector, including compliance investigators, auditors, and State Attorneys General, on federal and state regulations and policy, and on good data privacy and security practices. Now, Iliana works closely with her clients on complicated compliance questions, incident response, investigations, and training to protect data and avoid legal risk and legal liability, both at the state and federal levels. ILIANA also supports clients’ defense of individual and class action litigation related to all types of data privacy, security and breach claims.

As a CISSP, she works hard to bridge the gap between legal requirements for the security of health data and security industry best practices, so that clients can better understand data security issues and jargon. ILIANA enjoys using her extensive experience drafting, implementing, and enforcing health privacy and security regulations and guidance in a practice that focuses on helping clients develop and implement good data privacy and security practices to avoid risk, and helping clients prepare for and recover from emerging cyber threats.