Alexa, Google Home and HIPAA/privacy issues for IBCLC home and office visits
A news article today got me thinking that those of us who do home visits may want to add something that addresses smart speakers to our "how to prepare for the visit" emails.
I recommend suggesting to your clients that they turn off smart speakers prior to the visit in order to prevent accidentally transmitting protected health information (PHI). Now, this isn't a HIPAA violation per se, because the clients have the right to do whatever they like with their PHI. But reminding them that these devices are listening to them is a highly ethical move on your part, showing them that you care about their privacy.
If you have a smart speaker in your office setting, disable voice commands during client visits to prevent unintentionally transmitting PHI. If it's your smart speaker that sends PHI, then that is a HIPAA breach. I recommend disabling voice commands on any mobile device that has access to PHI as well, for the same reason. Sorry, no Siri for you!
About the Author
Annie Frisbie, MA, IBCLC is the creator of the IBCLC Private Practice Essential Toolkit, a collection of books, resources, legal forms, training manuals, and workbooks aimed at helping private practice lactation consultants build a private practice that’s ethical, profitable, sustainable, and enjoyable.