• The Transmission of HIPAA Regulated Protected Health Information Between a HIPAA Covered Entity and a Patient via E-Mail - Must it be Encrypted?
  • May 2, 2017 | Author: David Meinhard
  • Law Firm: Harwood Lloyd, LLC - Hackensack Office
  • A physician asked the following: If a patient wants to send a physician or other HIPAA Covered Entity (CE) electronic copies of her medical records from a prior physician, and is insisting that she send the medical records via unencrypted e-mail, should the CE agree to the patient’s request? If she sends her medical records from another physician via unencrypted e-mail, will the CE’s acceptance and use of those records be in violation of the HIPAA Privacy and Security regulations? What about if the CE then respond to her e-mails via non-encrypted e-mail, where Protected Health Information (PHI) is included - will that violate HIPAA?