Online Continuing Education

The Physician’s Corner
Considering E-Mail Contact With Patients?

By Henry Tulgan, M.D., FACP

Not so long ago, the thought of communicating with patients electronically would have caused most physicians to shake their heads. Now it is estimated that up to one third of medical practices use e-mail to communicate with their patients, and more are investigating moving in this direction. However, there are a number of medicolegal, federal and state laws to review before taking this step. To prevent medical malpractice and prevent potential loss, the following concerns should be addressed. 

Two of the most pressing areas for physicians to consider are missing a symptom or diagnosis due to lack of an on-site presence, or missing an urgent patient message due to an overburdened Inbox. Realistically, patients who have not been seen directly in a practice setting for lengthy periods are not appropriate candidates for an online consultation.  A personal visit should be scheduled thus allowing for follow-up communications via email. This will clearly demonstrate an enhancement of the patient’s relationship with you and will reduce your potential liability. 

At the Federal level, compliance with HIPAA privacy and security requirements should be applied to your practice regarding limiting employee(s) access to specific programs of an electronic system or patient data base.  HIPPA suggests the use of encrypted messages, but there currently remains a dearth of parameters as to what are considered best practices.  Many states also have confidentiality and security legislation under consideration pertinent to electronic medical records.  Therefore, practices should conduct a risk-benefit analysis to assure that the benefit of patient communications via e-mail clearly outweighs the amount of risk.  If you decide to use e-mail for patient contact, you should develop strict policies and procedures for its use including defining who has access to the system and who does not.

Considered low-risk is the use of e-mail for appointment scheduling, for routine prescription refills and for reporting of customary test results.  However, revealing complicated or complex results, especially if they are serious and/or time sensitive must be dealt with more directly.

Attorneys and others with internet security expertise and experience offer some advice. The best and safest practice for physician offices is to set as policy the use of encryption. Several commercial systems are available for physician offices. Another option is to use a secure communication portal. Both ensure HIPPA compliance.

It is also strongly advised to obtain in writing, a patient’s permission to communicate via email to document that they have made the decision to voluntarily waive privacy rules. This and all communication going forward, must be included in some fashion in the permanent patient record. 

While still in early stages, several insurance carriers are embarking on pilot programs to compensate physicians who use Internet sites for “virtual house calls.” As current and future generations of patients and physicians are computer literate and as systems become more sophisticated, it is very likely that electronic communications will be commonplace in physician practices. However, the American Medical Association cautions that this mode of patient contact should not replace appropriate face to face interactions, the tried and true foundation of the doctor-patient relationship.

Risk Management Strategies

  • Outline permissable uses for using email in your practice, (e.g. administrative uses such as scheduling).
  • Have a written email policy to clarify what patients can expect from physician-patient electronic communication.
  • Implement a system in your practice which includes written physician-patient communication guidelines.
  • Have patients sign an informed consent form on their use of Internet and email services with your practice.
  • Have all patient emails sent through a secure communication portal, encrypt outgoing email or address security concerns in your risk management profile.
  • Do not answer time-sensitive or medically urgent patient questions via email. Choose direct communication and document thed interaction.

Next: CME Exam Instructions
Share on Facebook Share on LinkedIn   Printer-Friendly Version

Copyright 2012. Massachusetts Medical Society, 860 Winter Street, Waltham Woods Corporate Center, Waltham, MA 02451-1411 781-893-4610 | 781-893-3800 | Member Information Hotline: 800-322-2303 x7311 info@massmed.org