Confidentiality, Privacy and Security

Sending Unsecure E-mail

  • 1.  Sending Unsecure E-mail

    Posted 02-25-2019 10:03
    In our facility we monitor our e-mail to assure that no PHI, PII or financial data leaves the facility.  We are receiving some push back on the monitoring of PII and also if another vendor sends it unsecure and we reply we are receiving push back that why should we read the whole e-mail to assure no PHI is in it.

    What is everyone else doing, is it only PHI and only PHI your staff sends out, not worrying about what comes in?

    Thanks Kim

    ------------------------------
    Kimberle Johnson
    [Director HIM/Privacy and Compliance Officer]
    Campbell County Health
    ------------------------------


  • 2.  RE: Sending Unsecure E-mail

    Posted 05-29-2019 13:45
    We also monitor outgoing email.  Our policy is to require encryption when PHI is included.  Just as you do that includes responding to an email that was received with PHI.  I.T. forwards suspect unencrypted emails to Medical Records where a review is done to determine if a breach occurred.
    I have a question for you:  Do you put email correspondence in the patient record?  ​

    ------------------------------
    Pamela Kaiser
    Medical Records Tech/Privacy Officer
    ------------------------------



  • 3.  RE: Sending Unsecure E-mail

    Posted 05-30-2019 13:25
    We do not place this email in correspondence in the record.  Kim

    ------------------------------
    Kimberle Johnson
    [Director HIM/Privacy and Compliance Officer]
    Campbell County Health
    ------------------------------