Look at alternatives to encryption when you deem them necessary.
An email that contains a patient’s protected health information (PHI) can be completely harmless, unless it falls into the wrong hands.
But fortunately, there are a few ways that you can head off potential email security breaches.
Although many health care providers have started encrypting their emails, you aren’t specifically required to do so yet. As the interim final rule published in the Aug. 24 Federal Register indicates, “a covered entity may be in compliance with the [HIPAA] Security Rule even if it reasonably decides not to encrypt electronic PHI and instead uses a comparable method to safeguard the information.”
Several readers have inquired what might constitute a “comparable method,” and some even asked why this is required in the first place. And we’ve got your answers here …
…

October 8th, 2009 at 12:15 pm
So, is there any protection that should be provided if a patient wants an electronic record emailed to them? If not, should they sign a waiver that they understand that the information sent to them will not be secure?