Ala. Admin. Code r. 630-X-13-.04

Current through Register Vol. 43, No. 1, October 31, 2024

Section 630-X-13-.04 - Security Measures For Electronic Mail

Adequate measures shall be taken to ensure the security of all patient communications through electronic mail, and that said information remains confidential. Electronic mail includes any type-written communication that is transferred via the internet, telephone or cable line, or cellular telephone service, but shall not include facsimile, or "fax" communications. Providers of optometric telemedicine shall, prior to providing optometric telemedicine services, establish and adopt written policies and procedures to ensure the security of patient communications, recordings, and records transferred by electronic mail. Policies shall be evaluated periodically so that they remain up-to-date. The written policies and procedures for such security measures for electronic mail shall address all of the following:

(1) Confidentiality and integrity of patient-identifiable information;

(2) The identity-by position or title-of health care personnel who will process or otherwise have access to information sent by electronic mail;

(3) Hours of operation and availability of the provider and distant site provider;

(4) Types of transaction which shall be permitted electronically;

(5) The type of information to be included in the communication, such as patient name, identification number, and type of transaction;

(6) How and when electronic mail will be archived and retrieved;

(7) Mechanisms for the oversight of the processing, handling, storage, and archival of electronic mail.

Ala. Admin. Code r. 630-X-13-.04

Adopted by Alabama Administrative Monthly Volume XXXIII, Issue No. 05, February 27, 2015, eff. 3/13/2015.

Author: Dr. Fred Wallace

Statutory Authority:Code of Ala. 1975, §§ 34-22-80 through 34-33-87.