How long does it take for you to send a text or email? I bet a lot of you read these as soon as your phone vibrates with a notification. You probably reply even faster than it took to read it.

If you ever check the timestamps of your messages, it might surprise you how quickly your conversations occur. Sometimes there’s an entire string of texts back and forth all within the same minute.

Communication has never been quicker with the messaging capabilities in today’s technology. We send and receive messages in seconds, making it easier to relay necessary information. It doesn’t just boost our interactions with our relationships.

It’s also useful to healthcare providers and their patients. We know how frustrating it can be to contact our doctor. The line may be busy, they’re with a visitor or away from the office, or we have a question outside of business hours.

This makes it a challenge to get reliable health information on-demand, leading people to search the web instead. But email communication can help improve this. It’s fast, easy, and can cut down on unnecessary or missed visits.

Before jumping into using email, there are factors to consider. What should a doctor do when communicating with their patients through the web?

Here are 20 dos and don’ts for doctor-patient email communication. 

• Do: Learn The Legal Constraints

• Do: Educate Patients About Communication Security and Policy

• Do: Provide Office Updates

• Do: Share Educational Material

• Do: Send Appointment Reminders

• Do: Provide Medical Product Discounts

• Do: Send Patient Statement Reminders

• Do: Use an Automatic Response

• Do: Retain Copies of Patient Messages

• Do: Maintain a Mailing List of Patients

• Do: Use an Email Signature

• Do: Terminate Email Communication if Necessary

• Don't: Communicate Before Sharing Guidelines

• Don't: Send Emails Where Recipients are Visible to Each Other

• Don't: Forget to Double-Check The Recipient's Email Address

• Don't: Send Unencrypted Private Information

• Don't: Keep Unencrypted PHI on Your Account

• Don't: Give Out Medical Advice Without Seeing The Patient

• Don't: Wait Too Long to Reply

• Don't: Use Complex Medical Terms and Acronyms

• Conclusion

As with everything in healthcare, there are legal restraints when it comes to email communication. HIPAA requires constant protection of electronic communication between patients and regarding their information.

Delivering sensitive information through non-secure accounts increases the risk of violating HIPAA. Because of this, it’s necessary to take protective measures. This includes securely delivered and encrypted data.

Personal accounts are insufficient to protect, so as a doctor you can truly only protect what you’re sending and receiving. This is why it’s important to communicate security concerns and guidelines with your patients.

You only have total control of what you send and receive. As a result, you need to emphasize any security concerns with people sending you their private information. If they were to send PHI to you through their personal account, that information could get intercepted by an unauthorized person.

If an insecure account gets hacked, the information that they sent is at risk. This is why you need to explain all security concerns that they should know before sending any of their private information.

Including a HIPAA email disclaimer is a simple way to remind patients about the sensitivity of the contents. It can also prompt them to reconsider what they send since they don’t have enhanced security measures.

There are other policy guidelines you should communicate with them. For example, if you will add their messages to their medical records for future reference, they should know that it will get saved. It’s also necessary to let them know any other staff who has access to the account so they’re aware of who all may see the message or who may respond.

Furthermore, let them know what is and isn’t appropriate to share electronically. They shouldn’t be sending you non-health-related content, and they shouldn’t ask for medical advice on someone else’s behalf. You can’t give out medical advice for someone that isn’t your patient.

You should share all policies that you have regarding patient communication. Otherwise, they’ll have no way of knowing if they’re adhering to those policies. 

You can quickly share updates electronically. While it’s useful to add updates to your website, it’s not likely that all of your current patients will be visiting your website.

Sharing these updates through email is a more likely way for them to receive these updates. This could include a change in office hours or phone number, a new appointment reminder system, or visiting procedures.

There’s no hiding the fact that people often go to the internet for health-related searches. But they aren’t always getting valuable and accurate content.

Send educational information to increase the chance that people have credible material. They can trust this coming from you as their doctor who understands their health.

And you can trust that they’re getting appropriate knowledge instead of false and harmful content. After all, having people panicked about something they read online will only make your job harder.

Here are some ideas for content you can share:

• Expert-reviewed medical articles and studies

• Seasonal brochures

• Demographic information

• Ways to prevent common ailments

• Health news related to current events

• Pros and cons of procedures/medications

Automated appointment reminders can be useful through email communication. Appointment reminders get more patients into your office. Without using these, you could have a no-show rate of over 10%. The type of communication method used can help even more.

Emailing is a convenient option since almost everyone uses it, and many will likely have access to it from their phones. Of course, there’s the chance that these could end up in the recipient’s spam folder if they don’t normally get messages from you. But if your practice already communicates with them via email, then these reminders will end up in their inbox.

You don’t need to manually personalize these for everyone when they schedule a visit. Creating automated reminders using a template will simplify the process.

When using email as the communication method, be sure to communicate cancellation policies. If you don’t accept appointment changes electronically, then be sure to remind them that they need to call for this.

Who doesn’t love free or discounted items? When we visit any retail website, we’re asked for our email address to receive notifications about upcoming deals. Once we provide it, we start getting promotions almost immediately. All of this helps businesses retain their customers.

Your practice can use this same tactic. I don’t mean you need to provide discounts for your services - though that may help convince people to visit your office. But these coupons and codes can be for wellness products that health experts trust.

Sending coupons and discounts shows that you care about your patients and value how they take care of their wellness. It tells them which products are safe and effective. Younger generations especially focus on holistic wellness and products that could make an impact on it. Sharing your trusted products helps them make informed decisions.

These should be relevant to your practice. For example, dentists can send coupons for oral care products. Members of Delta Dental can take advantage of offers on electric toothbrushes and replacement heads.

Providing relevant offers ensures that they’re items that are necessary to your customers’ wellness needs. And if you help save them money, they’ll feel inclined to return for your services. 

Let’s be honest, besides taking care of people your main goal as a practice is to get paid. Well, this can’t happen if clients don’t pay their bills.

If they receive statement reminders through email it will prompt them to pay, especially if they can make online payments. You can use an automated system for these messages, too. This will keep a consistent reminder schedule so you aren’t bombarding them but so that they don’t miss a notification.

You should use an automatic response initially when someone sends a message. This acknowledges that you’ve received it and will get back to them as soon as possible.

It’s especially useful outside of office hours when they may be waiting a while for a response. Letting them know when your staff can get back to them will keep them from worrying that you didn’t get their notification. This is also a good time to remind them that if it’s an emergency, they should seek immediate help.

If they’re hesitant to see a provider until you respond, they may prolong necessary care. But having you urge them to get help if they need it can be enough to convince them if they know you may not respond for a while.

Since people may send information about their health condition, it’s valuable to store these in their medical records. This is useful for future visits so you can look back on concerns they previously had. Make sure that you let them know beforehand that you do retain messages.

This can also be necessary if you need to delete sensitive content for HIPAA purposes. You don’t want their PHI hanging out in your inbox, especially if this data wasn’t encrypted. Adding these messages to their record allows you to keep them in a secure location and delete them from your account where it’s vulnerable. 

Mailing lists are a way to keep track of your clients who want to receive electronic communication from you. This way, you aren’t sending out correspondence to inactive accounts or people who don’t want to receive them.

Plus, you’ll have another way of identifying if something is spam. You can easily avoid engaging with suspicious senders if you’re able to confirm they aren’t one of your patients from the mailing list.

It’s possible to make these lists through your email service provider, or you can also keep lists within a spreadsheet. These keep you organized for when someone updates their email address. That way, you can edit your mailing list so only the correct account receives these messages.

You can even make lists based on certain groups for any educational materials to send. I previously mentioned educational content based on demographics. Sorting clients into specific lists by demographic makes it easier to identify who to send which content to. 

Always use an official electronic signature when sending anything to your patients. This is an easy way for them to identify that it’s a legitimate message from you. It helps separate you from any potential phishing attempts.

A signature can also include office information, such as operational hours, phone number, and address. This gives clients a quick way to find that when they have an appointment or if they need to contact your office directly. 

Sometimes there are reasons to terminate communication. Not everyone will follow the guidelines and policies that you make for your practice. 

Don’t be afraid to point out to someone that they aren’t upholding their end of the communication. If they consistently break your policies, you don’t have the obligation to continue communicating with them. Just because you don’t engage through email doesn’t mean they can’t stay as a patient.

Before you cut off this communication from them, remind them again of your guidelines and point out which parts they weren’t following. They may not realize they’re breaking policies or they didn’t understand them initially.

Another reason you will need to end communication is if someone switches practices. They won’t have use for your messages anyway so you shouldn’t continue to send them. 

Like I just mentioned, there will be people who end up not following appropriate guidelines. This is why you always need to start email communication by sharing these.

You don’t want someone to end up sending private information without understanding security measures. This could upset them into switching practices if they feel that they weren’t properly informed or that their data was at risk.

Sharing these also makes you less responsible if the patient does end up sending their PHI. If you let them know the security risks of their personal account, you can direct them to those guidelines if they blame you for something on their end. 

If you’re sending group emails, ensure that the recipients aren’t visible to each other. This breaks their privacy of being a patient at your practice. Sharing their name and email address to unauthorized individuals could mean a privacy violation.

Use a service provider where you can keep other recipients hidden from each other. It would be a pain to send the message to each person individually, so using tools that keep them hidden from each other is more beneficial.

You also need to ensure that the group mailing doesn’t have the capability for them to Reply All. This would cause them to send information back to other recipients without even realizing it. 

Similarly, don’t forget to check the recipient. Sending a message to the wrong patient is avoidable, but it still happens.

Chances are that the recipient won’t abuse this sensitive information. But there’s no way to know once it’s in the wrong inbox. Even if they don’t read or copy the contents, and they immediately delete it forever, it’s still a violation to send PHI to an unauthorized person.

Always check who the recipient is and confirm that all attachments and information are for that same patient. 

Encrypting private data is one of the best ways to protect it, especially when sending it electronically. It scrambles the information and requires a key to decrypt.

This way, even if you do send the data to the correct person, it’s safe from security breaches. If someone else were to intercept the email or in the case that you did send it to the wrong person, they’ll still need a key to access the contents.

It’s also another level of safety for the information once it’s out of your own hands. Your practice can’t control what happens to the data once it’s in the recipient’s inbox. There’s no way to track if a malicious attacker gets into their account. But if you encrypt the data, you will have done your part to keep it safe if someone else accesses their account. 

It’s one thing to send encrypted data, but it’s another to receive it. No matter how many times you warn people that their personal accounts are a risk to send this information, they still may do it.

If you’ve informed them about the risks, it isn’t your fault if they send this to you. But you can be responsible if your account gets breached and the information becomes compromised.

This is why you should record the messages within your secure EHR system, and then delete them from your inbox forever. It’s also important to check the account frequently so you don’t miss one that contains private data.

Patients are going to reach out to you to get medical advice. It’s inevitable when there’s two-way communication. While you may be able to answer some of their concerns confidently and easily, it’s important not to give out advice before you’ve assessed a patient.

The same goes for sending educational material. Remind patients that they still should consult their doctor provider with concerns. These materials can be relevant to patients in different ways and they shouldn’t use them as a way to self-diagnose.

This also applies to people who ask questions on behalf of someone else, like a family member. You don’t know that person’s medical history. If they have a serious concern outside of office hours, recommend that they go to urgent care for an assessment.

You don’t want to be responsible for giving out false information due to miscommunication. It’s difficult to provide an accurate diagnosis and medical advice without first seeing the person.

The longer it takes for you to respond, the more frustrated a patient will get. This is especially important if they emailed you with an urgent question and are waiting for your advice. You don’t want to go a prolonged period before telling them to seek emergency care.

You also don’t want to wait too long because their messages will end up getting lost in your inbox. Having PHI within your account is a risk for a violation. It also makes patients more likely to send it to you again if they don’t hear back, and then you may miss their previous message.

Establish a turnaround time and stick to that. Include this in your automated response to patients so when they send you something, they know when you’re likely to get back to them. Then, if they still haven’t heard back by then, they can reach out again. This keeps them from flooding your inbox with too many messages to keep track of. 

When sending health information, make sure you don’t use complex medical language. This won’t help people understand what you’re talking about.

They may turn to a search engine to try defining what you meant. But this could lead to misinterpretation or finding for wrong information. They may then start to panic or get frustrated with your practice that you don’t make things simple to understand.

If you must use these terms in your descriptions, make sure to define them or break them down in simple language. This resolves any confusion, and it gives patients more control over their health when they better understand it.

It’s so easy to get in touch with someone electronically today. Entire conversations can happen in a matter of minutes. Thus, it’s an expectation from patients to have the ability to reach out to their doctor at an instant. There’s no longer an exception within healthcare.

Doctors have so much on their plate as it is. Communicating with patients online can help reduce unnecessary phone calls, snail mail, or visits. It’s also a convenient way to provide educational sources so patients have more control over their health.

But as with anything in the medical field, there are factors to consider before diving right in. Coming up with a plan for email communication with your patients is so important. Understanding how to best use the platform will help you prevent HIPAA violations, losing clients, or ending up with more work.