Is Your Medical Website HIPAA Compliant?
This blog entry was posted on December 23, 2008.
HIPAA is a congressional act that governs how electronic information pertaining to Medicare/Medicaid must be handled.
The new HIPAA laws are now in effect. The owner of a medical website must take steps to secure the website and ensure that any patient information is fully protected. “Protected Health Information” or PHI may not be used or disclosed without a valid authorization. This applies to past, present or future health conditions, health care or payments for health care.
How does this apply to a medical website? There is a very specific set of regulations that now applies to the electronic transmittal of information. HIPAA Privacy and Security Regulations require medical providers to use reasonable and appropriate safeguards to “ensure the confidentiality, integrity, and availability” of any health information transmitted electronically.
This means that PHI transmitted electronically over open networks must be protected from being intercepted by anyone other than the intended recipient.
- Forms that a patient can fill out online must be fully secured and encrypted. This includes patient registration, prescription refills, appointment requests and medical history forms.
- Contact forms and other website forms must be secured and encrypted.
- Login areas where patients can view lab results, ask questions of their doctor or pay a bill must be fully secured and encrypted.
- Encrypted patient-physician email. Standard email communication is not allowed. This prohibition includes the use of web mail, Hotmail, AOL or even Outlook for patient communication.
- HIPAA Privacy Statements. The website should include both an online version and a printable version of the HIPAA Privacy Statements.
- Passwords: These should meet the Microsoft strong password guidelines. This includes using passwords of seven characters or more that contain at least one uppercase letter, one lowercase letter, one number, and one symbol. Passwords must be changed regularly, generally every 45 days.
This entry was posted on Tuesday, December 23rd, 2008 at 5:34 am and is filed under Internet Marketing, Website Design.
4 Comments
For those physicians who don’t already have access to HIPAA compliant communications, there is a free online service, http://www.housedoc.us, that can be used for communications with patients. It's open to everyone, but both the doctor and patient have to register, and communication is by mutual consent.
Comment by Housedoc — August 16, 2009 @ 8:29 am
Quality medical web design plays a critical role in modern medical communications. An effective logo is the foundation of marketing any medical practice.
Comment by bizmedical — May 27, 2010 @ 6:20 pm
The key to marketing for anyone in the medical profession is to convince prospective patients of the quality of care they will receive for the price they are charged.
Comment by bizmedical — August 26, 2010 @ 6:42 pm
Yes, we need a quality medical site with the relevant topics in it and with a full description of a particular problem. We know the fact that you can't cover the whole thing in just one site, but at least define one thing in one site clearly.
Keep up the good work.
Comment by Portland SEO, User — October 14, 2010 @ 2:49 pm