Happy New Year from Hushmail! We’re enthusiastic about the year ahead. In today’s post, we’re suggesting seven New Year’s resolutions that can help you and your practice get off to a secure, HIPAA-compliant start in 2021
1. Make a HIPAA-compliance checklist
Maintaining your practice’s HIPAA compliance is well worth the effort, and it’s a good idea to renew this resolution on a yearly basis. By making a compliance checklist and sticking to it, you will go a long way toward securing your clients’ information and maintaining a HIPAA-compliant practice.
Even for those who are not required to be HIPAA compliant, following those principles and practices is a good idea in this day and age when cyber security and privacy are such major concerns. Here’s what we recommend you put on your checklist:
- Get signed BAA’s from third-party services if they could be exposed to your clients’ PHI
- Prepare and review a risk assessment and document that it has been done
- Make sure you’re not responding to reviews publicly with identifying information
- Fix your Psychology Today profile!
- Conduct regular email and web form security checks
- Be wary of addresses you don’t recognize
- Make sure you’re sending to the right recipient
- Don’t put sensitive information in the subject line
- Don’t send group emails
- Make sure you encrypt
2. Find your best-fit clients
It takes a little effort upfront, but finding your best-fit clients is something you can do this year to improve the efficiency of your practice. One of the easiest ways to sort through potential clients is by using a secure contact form on your website. When you know your contact form is HIPAA compliant, you’re freed up to ask more detailed questions that can help you determine if a potential client can benefit from your care. You can read more about finding your best-fit clients with the help of a contact form in our blog post Find your best-fit client using a secure contact form.
3. Bring clarity to how you communicate with your clients
As more people seek care online, it’s more important than ever that practitioners state in clear terms what clients can expect when it comes to communication. Make sure you’re on the same page with your clients by using these form templates from Person Centered Tech. Samples of these forms are available when you sign up for a free account with this Hushmail partner. For digital versions of the forms, you can build them yourself with our drag-and-drop form builder or contact us about our form building service, and we’ll build them for you for a very reasonable charge.
Just make sure you have the appropriate Hushmail for Healthcare plan so you can add e-signature fields to the forms.
This form explains how a client can expect to communicate with you. It covers the preferred method of communication (i.e., secure email, secure text message, secure contact form on your website, etc.), an estimated response time, contact information in case of an emergency, among other details that reassure a client of their ability to get in touch with you, while also establishing boundaries that benefit both you and your client.
Email and texting risk questionnaire
This form helps clients make an informed decision about accepting or not accepting the risks associated with email and text messaging. The risks will vary depending on the technology and software you use, as the security of different tools can vary dramatically. The questionnaire gives you the opportunity to discuss what will and won’t be used, how, and to what extent.
Request for non-secure communications
Secure, encrypted email is always the preferred choice when messages between a practitioner and client contain sensitive information. However, even after discussing the risks, you might find that some clients prefer a non-secure means of communication.
This form gives clients the opportunity to choose to use or not use non-secure communications, states that the client has been informed of the risks, and requests the client’s signature accepting those risks. Under HIPAA, clients have a right to receive non-secure communications. However, the onus is on the practitioner to have the client opt out of secure email and text messaging options before communicating with them in a non-secure manner.
4. Screen for problems before they’re out of control
This hasn’t been an easy year for a lot of people, and as a therapist, you might be seeing increases in depression, anxiety, and stress. Calculated forms can help you address these issues early. These questionnaires calculate a score and deliver it to the practitioner upon completion.
- Try out the PHQ-9 depression screening questionnaire
- Try out the GAD-7 anxiety screening questionnaire
- Try out the Depression, Anxiety, Stress Scales (DASS) template
- Try out the DASS-21 template
5. Give your clients a customized form experience
One of our new features this year was the ability to set field conditions on your secure web forms. Field conditions allow you to determine whether or not a field will be visible depending on your clients’ responses. Conditions can be set for any of the different fields you might use on your forms, including signature fields and formatted text blocks.
It’s worth the little extra time it takes to add conditional visibility to your forms because it provides your clients with a customized form experience. If a question doesn’t apply to some of your clients, they don’t have to see it on the form and will see a much shorter form instead.
Here’s how to use conditional visibility in your forms:
- At the bottom of the field setting window, click Add a condition.
- Select the field from the drop-down menu that you want to use as the condition. This field must come before the field you’re setting the condition for.
- In the next drop-down menu, add the condition you want to meet.
To learn about conditional visibility in greater depth, read our blog posts Using field conditions in your web form and Advanced techniques for using conditional visibility in web forms.
6. Share your forms
There’s no reason to recreate the same form over and over so more than one person in your practice can use it. Just share the form instead. All you have to do is enable a switch in the form’s Form settings. Multiple practitioners can use the same forms in a group practice without depleting the number of allowed forms on the practice’s Hushmail plan. Sharing is a beautiful thing!
7. Support your HIPAA compliance with secure email and web forms
Subscribing to a reliable, encrypted email and web form service that provides a signed BAA is a great way to start the year. Hushmail for Healthcare is all of this and more. We also provide friendly, accessible customer support from your first contact throughout the course of your relationship with us.
If you’re not a customer yet, we encourage you to give Hushmail a try for 60 days. If you cancel within that time, you’ll receive a full refund.
Here are seven New Year’s resolutions that can help you and your practice get off to a secure, HIPAA-compliant start in 2021: 1) make a HIPAA-compliance checklist; 2) find your best-fit clients; 3) bring clarity to how you communicate with your clients; 4) screen for problems before they’re out of control; 5) give your clients a customized form experience; 6) share your forms; and 7) support your HIPAA compliance with secure email and web forms.