How to E-mail Patients Without Worrying About Liability

By Reni Gertner

As more and more doctors use e-mail to communicate with their patients, their lawyers are jumping in to help them establish policies and procedures to avoid having the practice land them in legal hot water. From concerns about being sued for medical malpractice for missing key illness details to fears of breaching the confidentiality of patients’ electronic health information, using e-mail to communicate with patients without following proper guidelines could become a physician’s legal nightmare.

However, by establishing clear procedures, doctors can communicate with patients electronically while minimizing the risk of being sued. “If the medical practice is saying this is something they want to do to make their business be more user-friendly, the goal should be to facilitate that while making sure patients’ expectations are appropriately set,” says Boston attorney David Szabo, co-chair of the healthcare group at Nutter McClennen & Fish. Lancaster, Pa., attorney Jim Saxton, who practices at Stevens & Lee, agrees. “It’s here,” says Saxton, who represents medical professionals and hospitals and has written books about proactive risk management. “I don’t think we can afford to say, ‘There might be liability exposure, so we’re not going to do it.’”

In fact, some experts contend that using e-mail may even help doctors reduce the risk of being sued. “Used wisely and well e-mail can reduce your malpractice liability,” asserts Dr. Daniel Sands, an internist at Beth Israel Deaconess Hospital in Boston and the Senior Medical Informatics Director of the Internet Business Solutions Group at Cisco Systems. Sands believes that using e-mail can lower the risk of litigation by “reducing barriers to doctor-patient communication” allowing “self-documenting” of physician-patient interactions. Approximately 10 percent of med-mal lawsuits won by patients stem from the doctor’s lack of documentation in the record, he notes.

Balancing Risks and Benefits

Attorneys say that physicians need to pay attention to both federal and state law in order to reduce their legal risks when communicating with patients by e-mail. From a medical malpractice standpoint, one of the biggest fears is being sued under state law for missing a symptom or diagnosis based on e-mail interactions – or missing an urgent e-mail message altogether.

Another major area of concern is complying with the patient privacy and health information security requirements of HIPAA, the federal Health Insurance Portability and Accountability Act. Under the Act’s privacy rules, only a patient or the federal government can “require” disclosure of the patient’s protected health information. The patient can also request the format in which he or she would like the information to be disclosed, including in electronic form. The health care provider must then produce the information in the requested format, as long as it is “readily producible.” The HIPAA security rule, which covers electronic health information, states that the protection of this information while in transit is an “addressable” concern that a covered provider should deal with based on its own risk analysis.

According to Sands, “HIPAA suggests it’s a good idea to encrypt communications on the Internet,” but gives providers leeway on whether to do so and how to go about it. The rules an entity follows might differ based on who is receiving the information and how it is being sent. One key aspect of complying with HIPAA, says Atlanta attorney Barry Herrin, is to document your analysis of the risks and benefits and explain any security choices you make. Essentially, you have to “show your work,” says Herrin, who specializes in HIPAA concerns and health care compliance at Smith Moore. These privacy, confidentiality and security concerns can also be an issue under state laws on privacy and medical records. But as long as physicians and their lawyers take these issues into account, email interaction with patients could reduce liability by increasing communication – which has been shown in some studies to cut the number of med-mal suits.

E-mail is a convenient way for “patients to say, ‘Can you explain again exactly what I am supposed to be doing?’” says Saliha Khaja Greff, who practices health law with Caplan and Earnest in Boulder, Colo. Sands says he frequently uses e-mail in this way, and it tends to improve patient satisfaction and outcomes, both of which reduce litigation. “If patients have a question after I’ve hung up the phone with them, they are not going to try to call me back,” he said. “But in e-mail, I routinely send a patient a message with links to supplementary information, which ultimately leads to better outcomes.”

Dr. Ann Loudermilk, an emergency physician in Boston, says she has used e-mail as a patient in exactly that way. “It’s such an easy way to get a hold of your doctor,” she says.
And from a risk management perspective, a major plus of e-mail is that it “creates an automatic paper trail,” notes Greff.  MMLR

This article was originally published in the Summer 2006 issue of Massachusetts Medical Law Report.

Questions or comments can be directed to the writer at: reni.gertner@mamedicallaw.com

Next: Doctor-Patient E-mail in Practice: Policies and Procedures