Health Information Compliance Alert

Reader Questions:

Is Patient Consent Necessary For Secure Communications?

Question: Is patient consent required under HIPAA to allow secure encrypted communications with the patient?


Answer: No, you do not need patient consent in this situation, answers Jim Sheldon-Dean, founder and director of compliance services for Lewis Creek Systems LLC in Charlotte, VT. You do not need patient consent “if the communications are encrypted and secured, and you’re following all the guidance for securing communications over your secure website or using some kind of a secure email service.”

“You can use secure applications and secure texting,” Sheldon-Dean notes. “And once everything is properly secured, there is certainly no consent involved because you are not coming anywhere near to any of the security violations or you’re not exposing the individuals to the risks that they might be exposed to otherwise.”