Privacy Practices and Your Website—Why and How
You may not be aware of this, but one important component of HIPAA is that you must post your Notice of Privacy Practices on your website. According to the HHS website:
A covered entity (that’s you!) must prominently post and make available its notice on any web site it maintains that provides information about its customer services or benefits.
Fortunately, HHS also provides free templates for creating a Notice of Privacy Practices. You can download a PDF version (more suitable for a brochure) or a text-only version that is very easy to copy and paste to your website.
Where should it go on your website? You can post it on your policies page, or create a separate page that just hosts the Notice of Privacy Practices. In your consent form, you can point your clients to the website and have them indicate if they also want a hard copy (which you are obligated to provide on request).
Website Terms & Conditions are more general policies that apply to visitors of your site. You can find a customizable template for sale in the store and also bundled with the IBCLC Private Practice Essential Toolkit.
About the Author
Annie Frisbie, MA, IBCLC is the creator of the IBCLC Private Practice Essential Toolkit, a collection of books, resources, legal forms, training manuals, and workbooks aimed at helping private practice lactation consultants build a private practice that’s ethical, profitable, sustainable, and enjoyable.