Share, , Google Plus, Pinterest,

Print

Posted in:

Why Medical Practices Can’t Use GMail

Much of the new regulatory information coming out of Washington is email-envelope.jpg getting increasingly more difficult to translate into English. I was recently asked whether a medical practice could use Google’s free email service GMail instead of spending money on a mail server and its associated server software. After checking with our own head of IT, I discovered it is a bit more complicated than just picking where you want to store your emails.

Buried deep within the HITECH (Health Information Technology for Clinical and Health) Act’s Sub-Title D is the language on privacy directly related to HIPAA (Health Insurance Portability and Accountability Act). Since most of us (health care providers) are considered “covered entities”, we must ensure that not only our employees and staff abide by these rules but our “associates” do as well.

If we started using GMail for our practice’s communication, there would be patient information located on Google’s mail servers and Google would, in fact, be considered one of our associates. This would require entering into a Business Associate Contract with Google, Inc. What do you think the chances are of Google, or a similar technology firm, signing a confidentiality agreement with perhaps thousands of medical practices across the country? I thought so.

Digital Business Law Group has an analysis of the language found in HITECH’s Sub-Title D – Privacy section that makes it a bit easier to comprehend.

3 Comments

Leave a Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.