Consider the following:
Know your state regulations.
First of all, make sure you don’t run afoul of the law. Clinical emails may be regulated at the state level, usually by state licensing boards. For example, the Medical Licensing Board of Indiana lists some very specific requirements on its website (http://bit.ly/180JCYu). The state requires that you obtain written informed consent from patients prior to initiating email contact. This informed consent agreement must specify what types of information are permitted to be emailed (for example, refill requests and scheduling information), must state that email is not to be used for emergencies, and must detail when patients should call the office, schedule an appointment, or seek emergency care instead of using email. The regulations also specify that security measures (such as password protection and encryption) must be in place to protect patient confidentiality. Finally, it requires that all electronic communications must be included as part of a patient’s medical record.
Be aware of federal regulations.
You should also be aware of federal HIPAA regulations governing the privacy and security of your patients’ protected health information or (PHI). If you are sending an electronic communication that contains PHI, you need to ensure its security. While HIPAA regulations do not require that you encrypt email, many HIPAA consultants recommend healthcare providers encrypt such communication to prevent a security breach. You may be fortunate enough to work for a healthcare organization that encrypts electronic communications for you, but if you have your own practice it may be worth the expense to invest in an encryption solution. Encryption may be less expensive than a HIPAA breach in the long run.
Follow professional standards.
You should also check guidelines of professional associations, since such guidelines are considered standard of practice by courts—and thus very important if you ever get sued. The American Medical Association offers guidelines that emphasize obtaining informed consent from patients before initiating or responding to electronic communication and safeguarding patient confidentiality. They recommend using email to supplement face-to-face office visits but never using it to initiate a patient-physician relationship (Bovi AM, AmJBioeth 2003;3(3):W-IF2).
It is notable that the Idaho Board of Medicine recently disciplined a physician for calling in a prescription following a telephone consultation, stating that it was a breach of standard of care to prescribe medication without an in-person examination of a new patient (Idaho Press-Tribune, April 28, 2014, http://bit.ly/1fMMaGV).
Although this case is related to telephone consultation, it is easy to see how a similar scenario could potentially involve electronic communication instead. This makes intuitive sense for the practice of psychiatry, where a great deal of important diagnostic information is provided through visual and auditory cues, such as psychomotor behavior, speech patterns, and affect. These factors make face-to-face assessment of new patients, and even of new concerns in established patients, essential.
Protect confidentiality and maintain therapeutic boundaries. Some additional considerations when using email in your practice relate to confidentiality and therapeutic boundaries. It is always possible for email to be misaddressed or read by someone other than the intended recipient.
Several years ago I worked with a student who slightly misspelled my email address when sending a correspondence that contained a great deal of clinical information. Instead of going to me, the email was received by a professor in the student’s department. To make matters worse, the student had cc’ed an off campus member of the treatment team, who replied using the “reply all” feature, compounding the problem. This type of risk to confidentiality should be included in written informed consent agreements with your patients before using email.
A final concern relates to therapeutic boundaries. As with phone calls, some patients may email excessively, and some may use email to state urgent concerns in spite of a prior informed consent agreement not to. It is best to address this just as you would any other boundary issue, and I have even found that on some occasions patterns of email use by patients can provide important clues to characterologic diagnoses, which can inform treatment planning.
But don’t let all this scare you away from judiciously using a modern technology that has the potential to improve your communication, and therefore, the quality of care for your patients. While there are both advantages and risks in using email in clinical practice, my experience has been that in most cases the pros far outweigh the cons.
TCPR’s VERDICT: Email enhances communication—and communication is how we help our patients.