Self reset of patient portal password

Has anyone determined if the Google captcha process is HIPAA compliant?

I have noticed that the ability to reset your portal password is not enabled unless the Google captcha is enabled. This seems like a potential liability to me because Google will then be able to determine that someone is being treated in my practice. In addition they do this so they can track your online activity.

Is there a way to enable this functionality without the Google process?

1 Like