You can’t comply with HIPAA using regular email

Edward Doyle, Editor of Today’s Hospitalist (article not yet available online) advises physicians not to use regular email to communicate with patients. He notes that

[F]ederal law contains very specific –and surprising– provisions regarding physicians’ responsibility for email… Because HIPAA uses 18 categories to spell out exactly what constitutes protected health information,… the law protects just about any information that would be of interest to outside parties. That includes not only names and dates,… but [even] references to a patient’s location that are more specific than state.

He recommends secure messaging platforms RelayHealth for group practices and ZixMail for individual physicians.

December 8, 2005

3 thoughts on “You can’t comply with HIPAA using regular email”

  1. Too bad the feds haven’t figured out a way to regulate cell-phone communications. As you know, these are not secure, but are frequently and increasingly used by docs and patients alike.

Leave a Reply

Your email address will not be published. Required fields are marked *