HIPAA FAQ

Our HIPAA FAQ provides answers to some of the most frequently-asked questions about HIPAA. The page is regularly updated to reflect changes to working practices and technological advances, and new areas of guidance issued by HHS´ Office for Civil Rights. To keep up to date with the HIPAA FAQs published on this page, it is possible to follow HIPAA Answers on Twitter.

Q: Is Skype HIPAA-compliant?

A: Skype has been increasingly used by business as a quick and cost-effective form of communication. However, the question remains whether Skype can be used by healthcare professionals in a manner which allows them to send text messages containing electronic protected health information (ePHI) without risking violating HIPAA Rule. (Read More)

Q: What is HIPAA-compliant text messaging?

A: Since its implementation two decades ago, there has been much ambiguity in whether the use of SMS is HIPAA compliant. HIPAA does not explicitly prohibit communicating Protected Health Information (PHI) by text, a system of administrative, physical and technical safeguards must be implemented to ensure the confidentiality and integrity of PHI when it is “in transit”. (Read More)

Q: What are the HIPAA rules for dentists?

A: Many dental offices and dental practitioners are self-contained entities. However, HIPAA rules for dentists apply to any dental office that may send claims, eligibility requests, pre-determinations, claim status inquiries or treatment authorization requests electronically. (Read More)

Q: Are phone calls a HIPAA violation?

A: The rules regarding HIPAA compliance and patient telephone calls have been clarified with a Declaratory Ruling and Order issued by the Federal Communication Commission (FCC). (Read More)

Q: What are the penalties for violating HIPAA?

A: The Department of Health and Human Services’ Office for Civil Rights (OCR) and state attorneys general have the power to issue penalties for HIPAA violations. Alongside the financial penalties, covered entities (CEs) are further required by law to adopt a corrective action plan to bring policies and procedures up to the standard. (Read More)