Skip to the main content.
Talk to sales Start for free
Talk to sales Start for free

3 min read

Who is responsible for HIPAA compliant patient follow-ups?

Who is responsible for HIPAA compliant patient follow-ups?

Provider organizations should determine who conducts the HIPAA compliant patient email or text follow-ups based on the provider’s skill set and the purpose of the communication.


What are patient follow-ups?

The Agency for Healthcare Research and Quality’s Health Literacy Universal Precautions Toolkit, 3rd Edition defines a follow-up as “The act of making contact with patients or their caregivers at a later, specified date to check on patients’ progress since their last appointment.” 

Follow-ups also provide an opportunity to address any concerns or questions since the last appointment, ensuring continuity of care and promoting patient engagement. 

The Toolkit also states “Appropriate follow-up can help you to identify misunderstandings and answer questions, as well as make further assessments and adjust treatments. In addition, follow-up helps to promote a trusting relationship between you and your patients.


Which patients will benefit from follow-ups?

The Toolkit suggests that providers “identify the types of patients who would benefit from follow-up, such as patients:

  • On high-risk medicines. 
  • With action plans to self-manage chronic conditions.
  • With missed appointments.
  • Recently discharged from the hospital.”

Read also: Using emails and texts for follow-ups during post-discharge care


Deciding the reasons for follow-up

The first step in determining responsibility for patient follow-ups is to define the purpose of the follow-up. These reasons can include:

Medical follow-up: These are follow-ups to assess patient recovery post-treatment, manage chronic conditions, or review ongoing treatment plans. 

Administrative follow-up: These follow-ups involve scheduling appointments, reminding patients about upcoming tests, or updating personal information.

Quality assurance follow-up: Follow-ups can gather feedback on the patient experience or the quality of care provided. 

Educational follow-up: Providers can offer patients educational support on managing health conditions, medication compliance, or lifestyle changes.


Determining follow-up responsibilities

The Toolkit further suggests the following example tasks and their responsible staff:

  • Follow up on complex or sensitive issues (primary care clinician)
  • Confirm medicine is being taken correctly (pharmacist or nurse)
  • Reinforce knowledge and check on action plans (nurse, health educator, or medical assistant)
  • Review health outcomes like blood pressure and blood sugar values (nurse, health educator, or medical assistant)
  • Discuss lab results (nurse, health educator, or medical assistant)
  • Schedule appointments (office staff)
  • Check on referrals (office staff)

So, provider organizations should assign responsibilities according to staff skills and the type of follow-up required. Additionally, provider organizations should establish clear protocols and ensure staff are trained in HIPAA compliance to protect patient privacy during follow-ups.


Tracking follow-ups through the electronic health record (EHR) 

Providers can integrate HIPAA compliant emails and texts with their electronic health records (EHR) to enhance follow-up communications. This allows seamless documentation and tracking of all interactions, ensuring that follow-ups are recorded and easily accessible within the patient’s health records while maintaining patient privacy. 

Furthermore, providers can automate follow-up reminders via HIPAA compliant emails and texts directly through the EHR system so that patients receive timely notifications for upcoming appointments, medication adjustments, or health interventions.


Follow-up in-home monitoring programs

Providers can incorporate follow-ups into home monitoring programs for those managing chronic conditions like diabetes, hypertension, chronic pain, etc. Patients can then report and track their glucose levels, blood pressure, weight, and pain levels between in-person visits for better continuity of care.

Integrating these reports into the EHR system ensures that all patient data is centralized, making it easier for healthcare providers to track progress, identify trends, and make informed decisions about patient care.

For example, automated emails or texts can be set up to prompt patients to report their health metrics at scheduled intervals. This method can help support continuous monitoring without the patient having to log in to a portal or app regularly. Soproviders can receive real-time updates on their patient's health status and intervene if necessary.

Go deeper: How can text messaging be used for remote patient monitoring?



How can providers ensure that their follow-up methods are HIPAA compliant?

Providers must use a HIPAA compliant platform, like Paubox, that encrypts emails and texts, safeguarding patients' protected health information (PHI). Furthermore, providers should train staff on HIPAA regulations, and implement staff policies that ensure patient privacy.


Can patients choose their preferred method of reporting health metrics?

Yes, providers should allow patients to choose whether they prefer HIPAA compliant emails or texts as their preference could influence their engagement and compliance with home monitoring programs.


Can incorporating follow-up into home monitoring programs improve patient outcomes?

Yes, home monitoring programs allow for continuous monitoring of health metrics, enabling early intervention and personalized care, which can lead to improved patient outcomes.

Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.