Email is now an expected part of professional life. How to use it with clients and patients is worthy of discussion. One of the first and most serious issues worthy of consideration is our ethical responsibility to protect privacy and confidentiality of any clients/patients who we allow to share personal information with us in email.
Privacy is the client/patient’s legal right to have their personal information protected by us as their treating professionals. Confidentiality is our legal obligation as professionals to protect the privacy of our clients/patients.
A few of the most common problems related to the privacy and confidentiality of email include:
- Email is easily delivered to unintended parties.
- Even when delivered to a proper address, they may be intercepted by unintended recipients, such as the parent or child of the addressee.
- Many emails include a full transcript of the history of the discussion, which raises confidentiality concerns.
- If an employer’s computer is used for email, technically the employer owns the email, not the client.
- Also, most email programs are not HIPAA compliant and email is transferred through many different servers that are not typically compliant, either.
Solutions for delivering email in a hip compliant manner include the following two approaches:
- Both the sender and receiver of an email hello parties can use an encrypted email service. These solutions can be a nuisance because it requires using that specific account every time you want to send an email securely, rather than your current email program.
- You can develop a secured website, where your client/patient completes a form that sends their information to your secured website. Any well-qualified web manager can set this up by purchasing a “security certificate” from your web hosting company.
Disclaimer: The views and opinions expressed in the article and on this blog post are those of the authors. These do not necessarily reflect the views, opinions, and position of the Telebehavioral Health Institute (TBHI). Any content written by the authors are their opinion and are not intended to malign any organization, company or individuals.