Rules for Sending E-Mail Messages to Patients

Message Rules

Comments

Do not deliver bad news via e-mail.

This applies to any significant confidential information.

If sending emails to more than 1 recipient, always address the recipients using the "blind carbon copy" ("bcc") field. If possible, send messages to only 1 recipient at a time.

The goal is to keep patient's email address and medical problems confidential. Also consider using a distribution list.

Set your email messages to provide acknowledgement of receipt by the patient.

Instruct your patients to reply in the body of the message.

You should reply to their messages in the body of the message also. This should be done in a distinctive manner (text delimiter, font change, color change).

Never forward patient identifiable information to a third party via email without the patient's express permission.

This would be a HIPAA violation.

Avoid anger, sarcasm, harsh criticism or any potentially libelous references to third parties in outbound messages.

Once you have sent an email message you have no control over what the patient does with that message.

Develop an e-mail policy for use in your practice. Make this available to patients who want to communicate with you by email.

Have the practice security officer review your policy and procedures for potential HIPAA violations.

Let patients know that failure to adhere to the e-mail policy can result in you refusing to use of email as a means of communicating with them.

Let them know this is a privilege and not a right. Consider having them sign an agreement that includes written guidelines.

Copy any messages containing confidential medical information into the patient's medical record.

Double check all "To" fields before sending a message.

Double check anything in the message before sending it.

If message content falls outside of your policy parameters, then call the patient instead of sending an email.

Either call promptly or send an email notifying the patient when you will call.

Use standard subject lines defined in the e-mail policy.

Use a banner at the top of each e-mail message stating that this is a confidential communication.

"CONFIDENTIAL"

Include your full name and contact information beneath your name at the end of the message.

Routinely include only that contact information you feel comfortable with being potentially public.

Include standard reminders about security and alternative forms of communication in the event of an emergency.

Additional Message Rules (Mine)

Comments

Autosend a copy of each message to yourself.

This can help prevent problems if a recipient decides to modify your e-mail.

Be sure that you have a high level of security including password protection on your email account, address book and any exported patient messages.

Have a policy for retention and deletion of emails online.

You should determine how long to retain email messages. Eventually you will need to decide to either delete the messages or archive to a secure medium.

Try to respond to all emails promptly.

If out of the office, either forward incoming emails to a trusted colleague or activate automatic notification to the sender of being out of the office.

If sent to a colleague, he or she should include their name and why they are responding.

Be careful in responding to emails sent by a person using someone else's email account.

If you think there may be a misunderstanding, promptly call the patient.

Document the call in the patient's medical record.

If you agree to use e-mail with a patient, be sure to collect and verify all e-mail addresses.

Know how to extract a sender's name and e-mail address into your address book.

Pay attention to the list of recipients in an e-mail from a patient before responding.

Replying to the sender or to all addresses may be appropriate depending on the circumstances.