Apparently the VA is rumored to take a hard line approach, severely restricting physician/patient emails. Any wonder why emails are so slow to take off?
New VA regulations do restrict any e-mail communications with patients to non-medical content such as when your next appointment is, or a request that they call you and giving your number. We also will be getting software starting this next week that will filter for any inclusion of SS# in any e-mails that are outgoing and prevent their transmission. There are no exceptions.
{ 6 comments… read them below or add one }
For all the paranoia about e-mail security, where are the actual examples of harm, medical, financial, identity theft or otherwise.
If you wish to target a specific individual, the simplest path to intercept communication is via mail and telephone. The idea that someone can wade into the flow of billions of e-mails flowing through the ether to find me seems improbable. Futher, the ease with which traditional forms of communcation can be diverted by filing a form with the post office for an address change, or similarly coopting the phone number and phone line is shockingly simple, yet rarely done.
The VA probably has other motives for restricting e-mail patient contact and is hiding behind HIPAA. Perhaps they fare better financially with in person visits. As a government agancy, they must insure that their budgetary requirements are spent every year and can show a demand for more spending the following year. Spend it or loose it in government, versus spend it or keep it in the real world.
The VA may well have good reason for doing what they do, but it has nothing to do with HIPAA.
Nothing in the law affects direct physician-patient communication.
If your medical data were revealed to the world, how much would it really affect your life?
I’d venture to say, the vast majority of people, it would make no difference if their hypertension or hemorrhoid history were revealed on the front page of the New York Times. Heck even most psych history. You’re a little depressed, join the club.
On the other hand, if your financial data were revealed on the front page of the Times……your SSN, your bank account numbers, brokerage account, IRA, etc., I would daresay that’s a problem.
Yet we bank on-line, pay bills on-line, and that’s not a problem.
As I recall, the VA does use the SSN as a patient identifier, so that would be a problem as it would often end up in E-mails.
To the extent there have been data breaches, and there have been a lot, it’s been stupidity. An administrator leaves a laptop computer full of SSN’s and patient names on a table at Starbuck’s or something similar.
I agree, the VAs technology is old, their e-mail not secure and previous breaches have left congressional shoe-prints on the department’s collective backside.
I bet nobody here gives a second thought to handing over your credit card to some pimple-face teenaged waiter who takes it who-knows-where out-of-sight for 15-minutes. This is just plain silly.
There is actually a private and secure web based service for email communications between physicians and patients,www.housedoc.us. Its free, easy to use, HIPAA compliant, and open to all physicians including in the VA system.