HIPAA, Social Media, and Technology
A Guide for Mental Health Professionals

Chapter 4: Other Technological Risks for Mental Health Professionals
Part 1: HIPAA, Email, and Your Mental Health Practice

As you know, it's your responsibility to ensure your patients' protected health information is secure, but whenever this data is transmitted, there's the risk that it could be exposed and your practice could be penalized for it.

So while HIPAA's Privacy Rule New browser window icon. doesn't prohibit communicating with patients via email, the onus of ensuring that proper security measures are in place is on you. According to the Security Rule New browser window icon., you must implement policies and procedures to restrict access to and guard against unauthorized access to e-PHI. HIPAA does allow e-PHI to be sent over an electronic open network as long as it's adequately protected.

HIPAA allows e-PHI to be sent over an open network as long as adequate security measures are otherwise taken.

Remember, too, that under the Privacy Rule New browser window icon., your patients have the right to request alternate forms of communication if they are uncomfortable with email.

Next: Part 2: On Encryption

Grab-n-Go Information

Free eBook
HIPAA, Social Media, and Technology: A Guide for Mental Health Professionals
Browse eBook
Sample certificates
See a sample Certificate of Liability Insurance, the proof of coverage you need for most contracts.
View Sample
Sample Quotes & Cost Estimates
See what insurance really costs: actual quotes by policy & specialty.
Get Estimates
Ask A Question
Submit your questions about small business insurance and get answers from our experts.
Read Answers