Legal Consultation regarding HIPAA and Software Tech
We need a HIPAA lawyer to answer a HIPAA-related question:
As part of their degree, student nurses need to perform rotations in hospitals. These rotations consist of visits to the hospital, where they work and help real nurses. Prior to visiting hospitals, the students will need to send certain documents to the hospitals. Examples of these documents are:
Proof of Insurance
Criminal Background checks
Drug test results
We are a company that offers on online file cabinet accessible by the students and the hospitals, and which stores these documents. The online file cabinet is a web application accessible via login and password by the student, the school administrator, and the hospital. This file cabinet contains the students' files.
See overview of what we do here:
We assume that HIPAA mandates that PII info cannot be shared by email, which is considered a non-secure medium.
Based on that assumption, our system sends automatic reminders email, but these email messages do not contain information about the users.
A hospital user is asking us to modify the system and add the following information to the email reminders:
Name of student
Student's instructor's name, email and phone #.
Are we able to comply with this hospital user's demand without infringing HIPAA rules?
Deliverable for this project: An opinion based up by written reasoning
Vision for this project: We receive requests to tweak our system on a weekly basis and are looking for a HIPAA attorney to be a long term provider for our company.
Students Rotation Software LLC