Health Information Compliance Alert

HIPAA Study:

ARE YOU TRANSMITTING PHI IN YOUR E-MAIL?

A recent study reveals that many healthcare organizations are unwittingly transmitting protected health information via their e-mail accounts.

The study results were announced June 5 by the Dallas-based Zix Corporation and revealed that many leading healthcare organizations are transmitting messages that contain PHI over public networks without using appropriate safeguards.
 
Zix Corp. analyzed a portion of over 4,400,000 e-mail messages sent and received by over 7,500 healthcare organizations, representing the inbound and outbound traffic for approximately seven days for each of the audited organizations. The purpose of the study was to determine what percentage of such messages contained PHI.
 
On average, more than 53 percent of the top 100 U.S. healthcare chains and health systems - and 35 percent of the top 60 healthcare payors - had transmitted via plain-text e-mail information that these organizations are required to protect under HIPAA. Overall, the study revealed that 4.4 percent of outbound e-mail Zix Corp. analyzed contained protected health information. The study analyzed unencrypted e-mail traffic from organizations that had implemented a number of different kinds of solutions, including a variety of technology solutions, a reliance on directives to employees or internal policy-only solutions, and a combination of these measures.
 
Zix Corp. noted that records of unprotected e-mail are created wherever the e-mail is sent. "Each time a healthcare organization sends an e-mail containing [PHI] without the appropriate safeguards to another party, a record of the event may reside indefinitely on the recipient's email server or in its archives," the company said in the release. "Once that record has been created, it may be used as evidence of non-compliance by governmental regulators or by lawyers seeking to use it in civil litigation."

Other Articles in this issue of

Health Information Compliance Alert

View All