Whether we are sending or receiving emails, most practices communicate everyday via email. When it comes to best practices for compliant email communication and signatures, what does that mean?
DISCLOSURE STATEMENT & ENCRYPTION. The Department of Health and Human Services requires “reasonable safeguards” to be in place when using email to transmit protected health information (PHI). The Office of Civil Rights states in their Companion Document Series to The Nationwide Privacy and
Security Framework for Electronic Exchange of Individually Identifiable Health Information:
Safeguards Principle: Individually identifiable health information should be protected with reasonable administrative, technical, and physical safeguards to ensure its confidentiality, integrity, and availability and to prevent unauthorized or inappropriate access, use, or disclosure.
In the world of oral surgery, that means a disclosure statement should be attached to all emails that may contain protected health information for patients. The disclosure statement is simple: it states if the recipient received the email in error, to please notify the sender and discard the email.
Any email containing PHI should be encrypted. The most common example of where encryption is required is when the Patient Care Coordinators email x-rays and/or treatment letters back to the referring doctor. However, anyone that sends PHI should have encryption attached to their email
Encryption is a separate service from your hosted email service that is typically set up through your IT professional. Encryption tools are very simple to use – some require selecting a small “lock” on your email tool bar, while others require putting the word “Secure” or “Encrypt” in the subject line.
PROFESSIONAL SIGNATURE. In addition to being in compliance with HHS and OCR, having a professional signature accompanying each email is indicative of overall good customer service.
We recommend using the email signature below for every email account that is in use for the practice. This includes emails for doctors, managers, individual staff and “group/team” email accounts, such as firstname.lastname@example.org or email@example.com.
COMMUNICATION WITH SENDERS. Setting up an Out of Office Reply when you are on vacation or away from the office notifies the email sender that your response may be delayed. Again, this is just good customer service!
OTHER TIPS FOR CREATING A PROFESSIONAL EMAIL SIGNATURE
Double check the content with spell check.
The email signature set up from a desktop or tablet doesn’t transfer to the email on a cell phone. Remember to update those email signatures as well!
Use a common font such as Calibri, Arial, or Times New Roman for the typeface. Other fonts can be challenging to read.
For group/team emails, your signature can be customized to say, “Administrative team at Apple Valley Oral and Facial Surgery”. However, when emailing a patient or another office, the sender should always include their first name so it is clear who is sending the email in case the recipient has questions about the content.
If the doctors are using another email address for sending work-related emails, such as Dr.OMS@gmail.com, the disclaimer below should be added to that email signature as well.
Office Manager (Title or Department)
Apple Valley OFS (Name of Practice)
123 Mulberry Street (Address)
Springfield, MA xxxxx
OPTIONAL: Add icons for social media! Ask your IT/marketing company for help with this.
Confidentiality Notice: This email message and any attachments are confidential and for the sole use of the intended recipient. This message may contain Protected Health Information (PHI). PHI is confidential information protected and governed by the Health Insurance Portability and Accountability Act (HIPAA). There
are penalties under the law for the improper use or further disclosure of PHI. If the reader of this email is not the intended recipient or his or her authorized agent, the reader is hereby notified that any dissemination, distribution, or copying of this email is prohibited and may be unlawful. If you have received this email in error, please notify the sender by replying to this message and deleting this email immediately. Please
indicate that you were not the intended recipient, and confirm that you have deleted the original message. Please do not retransmit the contents of the message. Thank you.