How to Use Your Patient Portal (Part 2)

Part 2 of 2 - Click Here for Part 1

Security
Security is a top concern with patient portals. Providers grant patients access with a secure username and password. It is important to choose a patient portal vendor that provides a system which allows the practice to be HIPAA compliant. The provider should establish procedures which are structured for optimal security.

Subscribe to Patient Safety Advocate
Patient Safety Advocate is a free bi-monthly newsletter created by CAP's risk management and patient safety experts, specifically for the independent medical practice.

An important security feature is how the patient establishes access. For example:

  • A patient visits the physician's office and signs a Patient Portal Access/Authorization Form and is given a one-time use activation code or
  • A patient activates the portal account by logging into the portal and creating a username and password

Terms and Conditions, Access Form, Disclaimers, or Authorization Forms 
Our research indicates that these terms are used interchangeably and denote a written document wherein the practice delineates the policies and procedures governing the use of its patient portal. Each practice should draft its own set of guidelines, but all forms should inform patients that the portal should not be used for urgent and/or emergent matters. Your forms should also include information about the following:

  • Explanation of and guidelines for use of the patient portal
  • Response time
  • General guidelines for communication
  • Portal eligibility
  • Privacy and security
  • Liability disclaimer
  • How to get started

Remember, only established patients should be able to access the practice’s patient portal. Your EHR vendor should have sample forms which include the above information.

 

This information should not be considered legal advice applicable to a specific situation. Legal guidance for individual matters should be obtained from a retained attorney.