Best Practices for TextExpander and HIPAA / Medical / Personal Info
TextExpander helps you fill out medical charts and insert vitals with just a few key presses. How can it be used effectively, yet still maintain patient privacy?
What Information Goes Into a Snippet?
Since Snippets are user-created content, they only contain the information that you as the creator put into them. The Snippets are stored encrypted at rest and access to the Snippets is controlled by your email address and password.
When sharing a group of Snippets in an Organization setting, an Administrator makes the decision as to who has access to the group of Snippets and also who can make changes to those Snippets.
What Information Does Not Belong in Your Snippets?
TextExpander is not where you would want to put any patient’s personally identifiable information (PII). Snippets are usually items that you type or copy and paste repeatedly. TextExpander supports Fill-in fields, which would make it easier to include places to enter transitory patient information, since the information is entered at the time of expansion and is not saved into TextExpander, nor does it leave the machine where it is entered.
An example of what not to do:
Create a Snippet naming a specific patient.
An example of what to do:
Create a Snippet that allows you to fill in the needed information that you would repeat for multiple patients without including any information specific to one patient.