Hello, This is Kurt Francom with Fiddler Online and this is one of hundreds of videos where I answer some of the most commonly asked questions related to small business web design.
Today’s question is, “Can I have a HIPAA Compliant form on my website?”
If you are watching this video and you don’t run a clinic or a hospital or something related to the medical industry, you’re probably going to get really bored but that’s ok. You can look at my face and wonder what I am talking about.
What does HIPAA stand for? Health Insurance Portability and Accountability Act. This is why I did not go into the medical field. Basically what this means is that there are certain laws in place to protect information of patients and customers relating to the medical industry. Generally people don’t want their personal medical records leaked or out there available to be hacked, so there is a lot of compliance that goes with it. To be completely honest, we just don’t want to deal with that compliance because one, it’s very expensive and two, we don’t want to get sued. Neither do you want to get sued.
So this is generally what happens; a local clinic will come to us and say “Hey, we need a website and boy, would it be great if our clients could fill out all the medical forms on our website, prior to coming in to our clinic, and that way they don’t have to sit in the waiting room getting sick from all these other clients filling out these lengthy forms, when they can just do it at home.” And we think wow, that is a great idea, however we are NOT going to do it. Why? Because it has to be HIPAA compliant. There are certain third party companies that you can use to do this but it’s nothing we are going to put in your website because we would have to do so much maintenance and lock down our servers so much that it would price us out of the market and you don’t want to do that.
So, if you are a clinic that is looking for a website, we can still help you. We have lots of clients that run dentist offices, we have a vet clinic, don’t know if vets are related to HIPAA, and we have other clinics that still have a great website. We just make sure that they know that you can’t have a form on your website that is going to make patient information vulnerable to hackers or people like that. But there are other solutions like making a PDF available that they can fill out at home and bring in prior to the visit and a number of other ways to do it.
Tevya, my business partner, wrote a great article about HIPAA compliant websites to give you third party vendors that can do and make these forms possible for you. So it does streamline that process. Give it a read and you will know what to do next.