PPV: Keep your staff members' e-mail private and secure

In an era of instant connectivity, many physicians find that sending PHI and other confidential information via e-mail is easy and efficient. But not all physicians know the risks associated with the simple act of hitting “send.”

 

Many facilities now encrypt e-mail, as they should. But consider the physician who uses personal e-mail to send information from office to home. Yahoo!, Gmail, Hotmail, and other Internet-based e-mail providers make sharing information convenient, but not necessarily safe. Physicians who use these and similar services could be endangering the security of their patients’ information in the process.

 

“Webmail services open up a hole to pump things out of your organization,” says William M. Miaoulis, CISA, CISM, manager of HIPAA security services at Phoenix Health Systems in Dallas.

 

“You really need to be able to block the ability to use Webmail,” says Miaoulis. “When you block access, some people will complain loudly ... but without the controls, you can send files that go around your firewall, and it goes around your e-mail system security.”

 

Click here to learn how carefully managing your facility’s e-mail helps eliminate or mitigate many of the associated risks.

 

The cost is $10. Briefings on HIPAA subscribers can sign on for free access.