top of page

EverHome Healthcare Communication & Electronic Device Policy

HIPAA-Compliant Policy for EverHome Healthcare Home Care, Home Health, Nursing, Therapy, and Caregiving Services. 

Purpose

The purpose of this policy is to establish clear communication and electronic device standards for EverHome Healthcare’s home care and home health operations, including services delivered in client homes, community settings, remote work environments, and the Lynnwood office.

 

  • Establish standards for professional communication within the organizationnsure confidentiality, integrity, and security of Protected Health Information (PHI)

  • Define appropriate use of electronic devices and communication systems

  • Support EverHome Healthcare’s commitment to providing professional, compassionate, reliable care while complying with HIPAA (45 CFR Parts 160 & 164), Washington State requirements, payer requirements, and applicable contract obligations

Scope

This policy applies to:

  • All EverHome Healthcare employees, contractors, clinicians, caregivers, volunteers, administrative staff, and other workforce members

  • All communications involving clients, patients, family members, authorized representatives, referral partners, providers, payers, and EverHome Healthcare personnel

  • All company-owned devices and approved personal devices used for scheduling, documentation, communication, clinical coordination, caregiving, nursing, therapy, administrative work, or access to PHI

Definitions

  • PHI (Protected Health Information): Any identifiable health information maintained or transmitted in any form

  • Electronic Devices: Includes smartphones, laptops, tablets, printers, and other digital tools

  • Secure Communication: Communication using approved, encrypted platforms

​

General Communication Standards

All EverHome Healthcare workforce members must:

  • Communicate in a professional, respectful, timely, and compassionate manner consistent with EverHome Healthcare’s client-centered mission

  • Use minimum necessary information when discussing patient care

  • Verify recipient identity and authority before sharing PHI with family members, representatives, providers, payers, or referral partners

  • Avoid discussing PHI in public, unsecured, or easily overheard environments, including hallways, vehicles, elevators, client common areas, and public spaces

 

Approved Communication Methods

  • EverHome Healthcare company email and approved secure communication systems

  • HIPAA-compliant messaging systems

  • Authorized electronic medical record, home health documentation, scheduling, telehealth, and care coordination platforms

  • Approved scheduling, documentation, telehealth, or care coordination systems designated by EverHome Healthcare

 

Prohibited Communication Methods

  • Personal email accounts for PHI

  • Unencrypted text messaging or messaging apps

  • Social media, public forums, or informal messaging channels for client, patient, employee, or operational PHI

HIPAA Compliance Requirements

All communications must comply with:

  • HIPAA Privacy Rule (45 CFR §160.103) – Protects patient information

  • HIPAA Security Rule (§164.308, §164.312) – Safeguards electronic PHI

  • Minimum Necessary Standard (§164.514) – Limits PHI disclosure

 

Key Requirements

  • Access PHI only when necessary to perform assigned EverHome Healthcare job duties, including care coordination, scheduling, documentation, billing, quality review, or direct care

  • Use secure, encrypted systems for transmitting PH

  • Immediately report suspected breaches, unauthorized disclosures, misdirected messages, lost documents, or device incidents to the designated EverHome Healthcare supervisor, privacy officer, or compliance contact

  • Log out or lock systems when unattended

​

Electronic Device Usage Policy

Ownership & Authorized Use

  • All EverHome Healthcare-issued devices remain company property

  • Devices are for authorized EverHome Healthcare work-related purposes only, including client care, care coordination, scheduling, documentation, communication, and administrative functions

  • Employees and contractors must sign an acknowledgment before using any device or system that may access EverHome Healthcare information or PHI

 

Security Requirements

Employees must:

  • Maintain two-factor authentication where available

  • Use strong passwords and never store them with the device

  • Lock devices when unattended

  • Keep devices physically secure at all times

​

Acceptable Use Guidelines

  • Use devices only for authorized EverHome Healthcare business tasks

  • Access only EverHome Healthcare-approved applications, systems, and communication channels

  • Follow EverHome Healthcare IT, privacy, documentation, and security procedures regarding software, updates, storage, and device configuration

​

Prohibited Activities

  • Installing unauthorized software, disabling security controls, or altering EverHome Healthcare device configurations

  • Sharing devices or login credentials

  • Storing PHI outside approved systems

  • Using devices for personal, inappropriate, or non-business purposes that could compromise EverHome Healthcare information, PHI, or client trust

​

Physical Security

Employees must:

  • Keep devices, paper notes, and printed schedules within sight or secured while in client homes, vehicles, public locations, and the office

  • Avoid leaving devices, documents, or client schedules unattended in vehicles, client homes, public places, or shared workspaces

  • Protect devices from damage (liquids, dirt, extreme temperatures)

​

Remote & Travel Use

When working remotely, traveling between client visits, or documenting from the field:

  • Use secure Wi-Fi or VPN connections

  • Avoid accessing PHI on public networks

  • Store devices, paper notes, and client-related documents out of sight and secured when not in use

​

Incident Reporting

EverHome Healthcare workforce members must immediately report:

  • Lost or stolen devices, paper records, printed schedules, or client-related documents

  • Suspected data breaches, misdirected communications, unauthorized disclosures, or improper access to PHI

  • Unauthorized access attempts

​

Text Messaging & Phone Communication

  • PHI may only be transmitted through EverHome Healthcare-approved encrypted messaging, documentation, or care coordination platforms

  • Standard SMS texting is not permitted for PHI

  • Voicemail messages must not include detailed PHI; messages should be limited to caller name, EverHome Healthcare affiliation, callback number, and a general request to return the call

​

Email Communication

  • Only use EverHome Healthcare company-provided or company-approved email accounts for work-related communications

  • Encrypt emails containing PHI or use an approved secure alternative when communicating with clients, families, providers, payers, or referral partners

  • Verify recipient addresses before sending

​

Social Media Policy

EverHome Healthcare workforce members must:

  • Never post or discuss PHI online

  • Avoid identifying patients or cases

  • Maintain professional boundaries with clients, patients, families, caregivers, and referral partners

​

Monitoring & Privacy

  • EverHome Healthcare reserves the right to monitor company systems, devices, applications, and communications to protect PHI, client safety, business operations, and regulatory compliance

  • Users should have no expectation of personal privacy when using EverHome Healthcare systems, company devices, or approved work platforms

​

Training Requirements

All EverHome Healthcare workforce members must:

  • Complete HIPAA, privacy, security, and communication training upon hire and at least annually

  • Participate in cybersecurity, mobile device, field documentation, and incident reporting training applicable to home care and home health work

  • Acknowledge understanding of EverHome Healthcare policies and agree to follow them during all client, patient, office, field, and remote work activities

​

Enforcement & Sanctions

Violations of this policy may result in:

  • Loss of device privileges

  • Disciplinary action up to termination

  • Legal consequences under HIPAA

  • Sanctions will align with EverHome Healthcare policy, applicable employment or contract terms, HIPAA, Washington State requirements, payer rules, and other applicable laws.

​

Acknowledgment

All EverHome Healthcare employees, contractors, clinicians, caregivers, and other workforce members must sign a statement confirming:

  • Understanding of this policy

  • Agreement to comply with all EverHome Healthcare communication, privacy, security, documentation, and device requirements

  • Responsibility for safeguarding EverHome Healthcare devices, records, login credentials, client information, and PHI

​

Review & Updates

This policy will be:

  • Reviewed at least annually by EverHome Healthcare leadership, compliance, privacy, operations, and/or clinical management

  • Updated as regulations, technology, payer requirements, service lines, or EverHome Healthcare operational needs change

bottom of page