Email and Texting PHI - HIPAA, TCPA and CMS Compliance 2025

Health Care Providers, Health Plans and Business Associates only need to follow a simple “3-Step Safeguard” for emails and text messages to avoid violating HIPAA, administered by the Office for Civil Rights of the U.S. Department of Health and Human Services (HHS), and text message violations of the TCPA (Telephone Consumer Protection Act), administered by the Federal Communications Commission (FCC). The U.S. Centers for Medicare & Medicaid Services (CMS) also has a simple text messaging rule that is easy to follow but is often overlooked by Providers.

If a patient prefers, HIPAA Covered Entities can and must use UNENCRYPTED Email and Texts containing protected health information (PHI) to communicate with the patient. The same rules apply to HIPAA Business Associates who email or text individuals on behalf of a Covered Entity.

This webinar explains the rules clearly and captures your attention with multimedia and moving graphics. The key takeaway is how easily Covered Entities and Business Associates can protect themselves from email and text message violations.

Areas Covered:-

• Overview – Key Takeaways
  • How HIPAA defines PHI – it’s different and bigger than you might think
  • When You Must Encrypt Emails and Text Messages with PHI
  • When you must use Unencrypted Email and Text Messaging to communicate PHI to patients
• HIPAA Rules for Email & Text Messaging
  • Key Definitions
  • 3-Step Safeguard – Patient Emails & Text Messages
  • Proposed HIPAA Security Rule Change for Emails & Text Messages
• Texting and the Telephone Consumer Protection Act (TCPA)
• When and Why You Must Encrypt – HIPAA and CMS
• Tips for Enterprise-wide Compliance.

Why Should You Attend?

Attend this webinar to learn how to comply with HIPAA, TCPA, and CMS Rules regarding PHI in emails and text messages. You will see how to use and document the “3 Step Safeguard” to protect your organization. You will also learn when emails and text messages with PHI must be encrypted.

Who Will Benefit?
Health Care Covered Entities

• Health Care Providers
  • Clinics
  • Hospitals
  • Health Care Practices of all types and sizes
  • Physical, Occupational, and Behavioral Therapists
• Health Plans
  • Group Health Plan Administrators
  • Third-Party Group Health Plan Administrators
  • Health Plan Administrators
• Personnel
  • Executive Management – all Covered Entities
  • Compliance Committee – Covered Entity Board of Trustees
  • Practice Managers – Covered Entities
  • Chief Compliance Officer – all Covered Entities
  • HIPAA Compliance Officials – Privacy and Security
  • Patient Engagement and Marketing Specialists
  • Patient Outreach Coordinators
  • Risk Managers
  • Covered Entity Owners and Senior Management
  • Compliance Committee – Physician, Practitioner-owned Covered Entities
  • Attorneys for Covered Entities – In-house and Outside Counsel

Vendors and Business Associates  

• Vendors of Email and Text Message patient engagement services
• Billing companies
• Collection Agencies
• Practice Management Companies
• Vendors of patient satisfaction surveys using Email and Text Messages
• Health Care Marketing Consultants
• Health Care Compliance Consultants
• Law Firms.