Consider encryption for an additional level of security. Providers across all medical specialties — even anesthesia — have seen many more patients via telehealth in recent months due to the COVID-19 pandemic. If your practice is in the same situation, follow this guidance from the Department of Health and Human Services (HHS) to ensure that patient signatures on digital paperwork still meet HIPAA compliance standards. Starting point: Electronic signatures are actually not discussed in any of the HIPAA rules. In fact, the HHS guidance defers to the states on this matter. “Currently, no standards exist under HIPAA for electronic signatures. In the absence of specific standards, covered entities must ensure any electronic signature used will result in a legally binding contract under applicable state or other law,” says HHS. According to HIPAA, the most important thing for providers to remember is that security measures are in place and the use of e-signatures is “reasonable and appropriate.” Tip: There are a few things that your organization can do to ensure that your patients’ e-signatures are more secure. Even though it’s not a requirement under the HIPAA Security Rule, you may want to use software and form generators that employ encryption to protect your documents and e-signatures. Additionally, if a risk assessment determines that encryption is a “reasonable and appropriate safeguard” for your organization, you should probably follow through and implement it to avoid a violation down the line. Password protection and multifactor authentication (MFA) can also help to protect electronic protected health information (ePHI). Platforms like DocuSign and PandaDoc offer a variety of templates, storage options, and legal resources to help providers with patients’ e-signatures.