What therapists and Hillary Clinton have in common

photo credit: Diana Walker of Time

photo credit: Diana Walker of Time

Recent news reports are telling us that when Hillary Clinton was the Secretary of State, she may have used her personal email to conduct official business. I had to smile when I read about it, because it reminded me of therapists and our questions and problems about HIPAA-compliant email use.  (I also felt grateful that my mistakes don’t get reported by major news agencies!)

The truth is, lots of therapists and government officials both are still using technology in ways that aren’t consistent with recommended security practices. Most of the therapists I talk with are still using ‘regular old email’ to communicate with clients.

You can email with clients and be HIPAA-compliant, provided you jump through some hoops first. (Full details of those hoops are covered in the videos & workshops.) Therapists, like government officials, have to make sure that their communication practices are secure, reliable, and founded on good internal policies.

Here are some steps you could take today:
1.  Put email in your risk assessment.  You or your IT helper need to identify and evaluate the security risks associated with email.
2.  Get your clients’ informed consent before continuing to email.
3.  Limit what you email about.
4.  Look in to an email provider who will sign a BAA with you.  (There are several; I use Google Apps for Business.)

But either way, let’s use this 15 minutes of media attention on proper email use to remind ourselves that it’s an important compliance item for therapists, too.