Table 2
Medicolegal and Administrative Guidelines
| ▪ Consider obtaining patient's informed consent for use of e-mail. Written forms should: | ||||
| Itemize terms in Communication Guidelines. | Provide instructions for when and how to escalate to phone calls and office visits. | Describe security mechanisms in place. | Indemnify the health care institution for information loss due to technical failures. | Waive encryption requirement, if any, at patient's insistence. |
| ▪ Use password-protected screen savers for all desktop work-stations in the office, hospital, and at home. | ||||
| ▪ Never forward patient-identifiable information to a third party without the patient's express permission. | ||||
| ▪ Never use patient's e-mail address in a marketing scheme. | ||||
| ▪ Do not share professional e-mail accounts with family members. | ||||
| ▪ Use encryption for all messages when encryption technology becomes widely available, user-friendly, and practical. | ||||
| ▪ Do not use unencrypted wireless communications with patient-identifiable information. | ||||
| ▪ Double-check all “To:” fields prior to sending messages. | ||||
| ▪ Perform at least weekly backups of mail onto long-term storage. Define “long-term” as the term applicable to paper records. | ||||
| ▪ Commit policy decisions to writing and electronic form. |
