Part Deux of my guest post series at Tamara Suttle’s blog is up. This time I’m busting the myth that HIPAA says you can’t email your clients. Even if you’ve read all my stuff and already know that, there’s some good discussion going on over there that’s well worth jumping into.
Read the article and join the discussion
Roy,
Some practice management programs are sending automatic/default emails to clients in order to complete the registration process. The email contains the initial username and password and when the client logs in the change their password and finish registering. What are your thought on this practice in regards to HIPAA compliance? Thank you, PS thank you for you individual consultation, Very Helpful!
This would indicate to me a poor culture of security at the company. I would ask them about why they do this and ask them to provide convincing evidence that they have someone at the executive level whose job is to maintain security in the product.