Using Patient Portals to Promote Patient Communication
With advances in technology, patients increasingly expect the convenience of electronic communication with their healthcare providers. While there are multiple ways to connect, patient portals offer one of the most secure options and should not be mistaken for unsecured email (see our tip Unsecured Email and Patient Communication). Portals require user authentication, ensuring greater privacy and security. When activated, a patient portal allows patients to view or download health information, request prescription refills, schedule appointments, communicate with providers, and access other helpful features.
Patient-specific Considerations
- Establish a process to prepare patients for portal use that includes registration, authentication, informed consent, and education.
- Establish clear guidelines for appropriate use, such as prescription refills, non-urgent medical advice, simple lab results, and appointment management, and inappropriate use, such as emergencies, complicated, or sensitive questions.
- Instruct patients to specify the purpose of the request in the subject line, for example, "Refill request," "Reschedule appointment," or "Medication question."
- Provide a phone number on your website that patients can call if they need technical assistance with setting up their portal account.
- Consider providing patients with written material such as a brochure to introduce the patient portal and to provide instructions on setting up their account.
Operational Risks to Consider
Policy and Procedures
Develop and implement a policy for internal organizational considerations, such as management and ownership of the patient portal, the timeframe in which information will be transmitted to the portal, and a process to protect sensitive or protected information (e.g., substance abuse, HIV, behavioral health for minors based on state-specific guidelines). The organization should also develop and implement clear terms of use and user agreements for patient portal users.
Available information
What information will you make available to patients on the portal—not all information is useful, such as miscellaneous notes for internal communication; too much information may confuse patients and could reduce the effectiveness of this tool.
Information Blocking
The Information Blocking rule, established under the 21st Century Cures Act, is designed to promote patient access to their electronic health information (EHI). It prohibits healthcare providers, health IT developers, and health information networks from unreasonably interfering with the access, exchange, or use of EHI. The rule aims to increase transparency and empower patients to make informed decisions about their care. Exceptions are allowed only when specific, legitimate reasons—such as privacy or security concerns—justify limiting access.
Minors
Depending on state guidelines, minors may consent to specific procedures and treatments, such as abortion, pregnancy counseling, outpatient behavioral health, or HIV testing, without the consent of a parent or guardian, and may control how information is released.
Turnaround Time
Establish expected turnaround time for responding to messages. Include responsibility for coverage when the provider is off.
Set aside specific times each day to respond to portal messages.
Responses
Develop standardized responses, consistent with internal policies, for situations such as requests from non-authorized patients, failure to follow system guidelines, and inappropriate use.
Ensure that your responses are professional and appropriate. Use plain language and avoid overfamiliarity.
When patients initiate an email through the portal, ensure there is a warning, "Not for emergency use," instructing them to call 911 if it is an emergency.
These guidelines are intended to reduce your risk. They do not reflect all operational considerations when implementing a patient portal.
If your organization has not implemented a patient portal, there are toolkits and resources to help you.
Resources
HealthIT.gov. (n.d.). Patient engagement playbook.
American Health Information Management Association. (n.d.). Patient portal toolkit. https://www.ahima.org/media/52oljtaa/patient-portal-toolkit_axs.pdf
American Medical Association. (2020). What is information blocking? Part 1 [PDF]. https://www.ama-assn.org/system/files/2021-01/information-blocking-part-1.pdf
Medical Mutual Insurance Company of Maine's risk management resources are offered only as references for informational purposes. They are not intended to establish practice standards or take the place of medical judgment or legal advice. Medical Mutual recommends you consult with your medical staff leadership and a qualified attorney for any specific application to your practice. No risk management resource provided by Medical Mutual is intended to affect the applicability, scope, or limit of your liability insurance coverage or to otherwise amend or add to the terms and conditions stated expressly in the liability insurance policy issued to the identified policyholder for the applicable policy year.