Communicate with Patients and Follow HIPAA – MACRA and MIPS

MACRA and MIPS Accelerate Patient Engagement

Health care providers who accept Medicare are adapting to new rules under the Medicare Access and CHIP Reauthorization Act or MACRA.[1] The law is dense and complicated, but essentially, its purpose is to adjust payment measures to reward the delivery of high-quality patient care. The Merit-based Incentive Payment System (MIPS) is a core element of the change from prior rules. The relevance to HIPAA is that a central element of MACRA is an increased focus on patient engagement because when patients are engaged in their own healthcare, outcomes improve.

Effective patient engagement requires regular patient communications. The problem is that communications raise the risk of disclosure of protected health information (PHI). And today, with the use of email and text messaging, the risk is even greater. Ninety-nine percent of patients today use social media and most prefer regular, unencrypted email and texting. Unfortunately, they may not have considered the consequences.

Using unencrypted emails and text messages is like handing a postcard to someone in L.A. who will hand it off to a million people as it travels to N.Y., and each of those million can read it anywhere along the line.

HIPAA Can Help with Easy to Follow Step-by-Step Rules

HIPAA provides a 3-step safeguard that helps both providers and patients –  providers will stay in compliance and patients are engaged in maintaining privacy of their own PHI. 

Simply stated, it includes:

  1. Notice – a duty to warn;

  2. Let the patient decide; and

  3. Document the warning and response in writing.

If a patient says “no” to unencrypted communication, take steps to encrypt and inform your workforce and business associates, and document these steps. A common misunderstanding is that if a patient initiates communication through email, the provider can assume the patient accepts this method. Although this was the HHS policy in 2008, it changed in 2016 when the duty to warn became law. 

The HIPAA E-Tool® is always up to date

Letting patients decide and documenting the process is easy with The HIPAA E-Tool®.  Below is an excerpt from Policy PR-3 – Request for Confidential Communication. Form PR-3.B – Unencrypted Text Message and Email Language for Information & Registration Update Forms is all you need.

 Easy to use,  The HIPAA E-Tool ® helps you communicate with patients and documents actions taken 
Easy to use, The HIPAA E-Tool ® helps you communicate with patients and documents actions taken 
 
 96 
 Normal 
 0 
 false 
 false 
 false 
 EN-US 
 X-NONE 
 X-NONE 
 /* Style Definitions */
table.MsoNormalTable
 {mso-style-name:

96

Normal
0

false
false
false

EN-US
X-NONE
X-NONE

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:”Table Normal”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:””;
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:Calibri;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;}

Patients want email and text messages and you CAN do it within the law. Follow the steps.

 

 

[1] A full review of MACRA is beyond the scope of this blog but a good summary can be found here: https://qpp.cms.gov/docs/QPP_Executive_Summary_of_Final_Rule.pdf and elsewhere on the web.

 

Share This Post

Share on facebook
Share on twitter
Share on linkedin

Maggie Hales

Maggie Hales is a lawyer specializing in health information privacy and security. As CEO of ET&C Group LLC she advises health care providers and business associates in 36 states, Canada and the EU, using The HIPAA E-Tool® to deliver up to date policies, forms and training on everything related to HIPAA compliance.

Copyright © 2019 The ET&C Group LLC.
The HIPAA E-Tool® is a registered trademark of The ET&C Group LLC
Terms of Service | Privacy Policy