Paubox blog: HIPAA compliant email made easy

Should ADHD coaches be HIPAA compliant?

Written by Caitlin Anthoney | June 15, 2024

If an ADHD coach handles protected health information (PHI), they must use HIPAA compliant emails or text messages to maintain client confidentiality, adhere to legal obligations, and uphold ethical standards.

What is an ADHD coach?

According to the ADD Coach Academy, patients with attention-deficit/hyperactivity disorder (ADHD) “have the same human needs as any coaching client, and also face unique challenges related to ADHD, which can interfere with their quality of life. These challenges might include hyperactivity, impulsivity, and/or inattention, as well as the belief that they can't reach their goals because they have ADHD.”

ADHD coaches specifically work on practical strategies and skills to help patients address the challenges associated with ADHD. They also “work with clients to create structures, support, skills and strategies to help them move forward with fuller and more satisfying lives.”

ADHD coaches “are not licensed to offer a medical diagnosis or medication,” explains HealthCentral. However, if an ADHD coach is providing services that involve handling protected health information (PHI), like discussing specific medical history, medication details, or other personal information, they must maintain HIPAA compliance.

 

HIPAA compliance in ADHD coaching

The Health Insurance Portability and Accountability Act (HIPAA) was enacted to safeguard individuals' medical information. It sets the standards for protecting health information and applies to covered entities, like healthcare providers, health plans, and healthcare clearinghouses, that transmit electronic health information.

While ADHD coaches do not always fall under this category, they can still handle protected health information (PHI) when working with clients on aspects like medication management, treatment plans, and personal health details.


Why HIPAA compliance matters

Client confidentiality: ADHD coaching often involves discussing personal details that fall under PHI, so ensuring HIPAA compliance helps maintain client confidentiality, creating a safe environment for open communication.

Legal obligations: Providers, including ADHD coaches, must protect PHI and ensure HIPAA compliance, as non-compliance can lead to severe penalties, including fines and reputational damage.

Ethical standards: “HIPAA framework is consistent with ethical norms governing patient care,” explains the AMA’s federal privacy protections. So, ADHD coaches must uphold HIPAA standards for ethical conduct and professional integrity.


How ADHD coaches can ensure HIPAA compliance

Use a HIPAA compliant platform

Regular electronic communication services are not secure and should not be used for transmitting PHI. Instead, ADHD coaches must use a HIPAA compliant platform, like Paubox, when emailing or texting clients. These platforms offer encryption, secure storage, and access controls, safeguarding patients’ PHI from unauthorized access and mitigating the risk of potential breaches.

 

Train staff on HIPAA compliance

Provider organizations must ensure all staff involved in ADHD coaching are regularly trained on HIPAA regulations and understand their responsibilities regarding PHI. Regular training sessions can help reinforce compliance and promote a culture of privacy and security within those organizations.

Obtain patient consent

ADHD coaches must explain to patients how their PHI will be handled and protected. Furthermore, ADHD coaches can use HIPAA compliant consent forms that outline privacy practices, client rights, and procedures for handling PHI.

 

FAQs

Who does HIPAA apply to?

HIPAA applies to healthcare providers, health plans, and healthcare clearinghouses that handle protected health information (PHI).

 

What is PHI?

Protected health information (PHI) includes any individually identifiable health information held or transmitted by a covered entity or its business associates.

 

What are the penalties for HIPAA violations?

Penalties for HIPAA violations can range from fines of up to $50,000 per violation to criminal charges and imprisonment, depending on the severity and intent.