Tech & Innovation in Healthcare

Reader Questions:

Take Care of e-Signature Security

Question: A recent compliance risk assessment determined that the e-signatures we use and have our patients use were accessed by someone outside of our practice. This was an audit, so we didn’t identify breaches, but would like to know what we can do to protect this information going forward?

Missouri Subscriber

Answer: Even though it’s not a requirement under the HIPAA Security Rule, you may want to use software and form generators that employ encryption to protect your documents and e-signatures.

If your recent risk assessment determines that encryption is a “reasonable and appropriate safeguard” for your practice, you should probably follow through and implement it to avoid a violation down the line.

Password protection and multifactor authentication (MFA) can also help to protect electronic protected health information (ePHI). Platforms like DocuSign and PandaDoc offer a variety of templates, storage options, and legal resources to help providers with patients’ e-signatures.