Posts in HIPAA
Google Voice and HIPAA Compliance

Having a business phone line that is managed through a HIPAA-compliant app on your phone is a great way to prevent client information from leaking into your personal accounts. If you use an iPhone, for example, you really don’t want to risk having clients text you through iMessage, which is not HIPAA compliant because Apple will not give you a BAA. Google Voice may be a great option for you, but you need to make sure you know what you’re getting into and how to set it up correctly.

Secure messaging: what it is and why you need it in your lactation practice

Many of us live in countries with privacy regulations that affect our business activities. Additionally, IBCLCs have an ethical obligation to protect client privacy that may supersede our legal obligations. Secure messaging offers our clients the highest level of privacy, and by making it available to our clients we can meet our legal and our ethical obligations at the highest level.

How to be a HIPAA Compliant Lactation Consultant

Being HIPAA compliant isn't optional for IBCLCs. Our clients are entitled to insurance reimbursement for our services under the Affordable Care Act. In order for them to be able to submit the appropriate paperwork, we need to have an NPI number, and that number is what transforms us into a HIPAA-covered entity. In order to help you understand your responsibilities under HIPAA, I've created this free guide.

HIPAA Compliance for Doulas

HIPAA (The Health Insurance Portability and Accountability Act) doesn't have anything to do with what kinds of services are being provided. HIPAA exists as a way to regulate communications with health insurance companies. If you are communicating with a health insurance company about anyone other than yourself, you are by default subject to HIPAA and must comply with the law.

Getting PHI Out of a Free Gmail Account with the Fewest Tears Possible

So let's say you read my book or even just my last blog post, and you are now freaking out because you have been using a free Gmail account to communicate with your clients. You may have thousands of emails, every single one of which contains Protected Health Information (PHI).

You may think your only option is the nuclear one, where you delete all of your emails, and that certainly would do the trick. But what if you want to preserve the contents of those emails? You're going to need to get that PHI out of the free account and into a secure account, and I'm going to give you a workflow to make that happen in a systematized, efficient, and thorough way.
