Are Appointment Reminders HIPAA Compliant?

counseling and therapy services

Healthcare professionals spend hours each week sending reminders to their patients. Whether you or your staff are taking care of it, manually sending appointment reminders each day is a huge waste of your time. Did you know that you can send automated HIPAA-compliant appointment reminders? Through automation, you can save yourself, your staff and your practice hundreds of hours and thousands of dollars each year.

Why HIPAA Compliance Matters

The healthcare industry is typically known as a technology laggard. Though medical advances are cutting-edge, the healthcare technology landscape (like EMR/EHR systems, etc) is oftentimes lacking.

HIPAA (Health Insurance Portability and Accountability Act) compliance is a scary topic for most healthcare professionals. Between malpractice lawsuits and patient data breaches, the liability risk for the healthcare industry is incredibly high. As a result, it can be difficult to choose a new technology provider that you can trust to keep both your patients and your practice, safe. To that end, most healthcare providers we talk to choose to do things the hard way (i.e., the manual way) rather than invest in a HIPAA-compliant appointment reminder service that can save them and their staff hours every single week.

How to Send HIPAA Compliant Appointment Reminders

The Department of Health and Human Services has officially stated that phone calls, text messages and emails are all effective and legal ways to communicate with patients about upcoming appointments under HIPAA requirements. Reminding patients about appointments that they made days, weeks, or months before is critical to providing patients with timely care and to the efficient operation of the medical office. When sending text, voice, or email appointment reminders, it is important to remember that someone other than the intended party may see or hear the message. Because of this, you should take care not to include detailed notes about the appointment, diagnosis, or treatment plans. Apptoto’s default HIPAA compliant appointment reminder templates include only:

  • Date and time of appointment
  • Provider’s name or company
  • Location of appointment

Apptoto’s message templates let you tailor your messages to meet your needs. For example, providers who do not include the full name of their practice, opting instead for initials only, as a way to further protect their patients’ privacy.

See how Apptoto works with your existing scheduling workflow to send HIPAA compliant appointment reminders to your patients. Apptoto doesn’t require you or your staff to learn about any new scheduling processes. With a simple integration, Apptoto will extract contact data to send timely and effective automated reminders.

How Apptoto Keeps Patient Data Secure

In order for a service provider to be fully HIPAA compliant, they must comply with HIPAA’s Privacy and Security rules. The provider must also be willing to sign a Business Associates Agreement (BAA). Our HIPAA-compliance program does all three

We know how important it is to keep your patient’s data safe. When you integrate your data with Apptoto via either your EMR/EHR system, your appointment calendar or even by uploading directly from a CSV, Apptoto takes that data and stores it on a HITRUST Certified Server powered by Amazon Web Services. We also protect the transfer of that patient data through encryption, both in-motion and at-rest. Here are some additional details on our security measures:

  • Accounts are stored and run on HITRUST Certified servers for HIPAA Compliance (all sensitive “at rest” data encrypted)
  • All sensitive “in transit” data encrypted (this does not include SMS and Email messages sent)
  • Logging disabled on server
  • SSL is used for all communications
  • Account disabled after 6 failed attempts
  • Courtesy compliance review of message content
  • Only Apptoto personnel trained in HIPAA compliance (via Accountable) and having undergone background checks will have access to your account
  • Signed Business Associates Agreement

To learn more about Apptoto’s HIPAA compliant appointment reminders, click here.