Get Help

Online: Request Help
Phone: (707) 826-4357 • Hours
Walk-In: Library 101 • Hours
Reset HSU Password
System Status

Is email a safe way to send medical (HIPAA) data?

Printer-friendly version

No, email is not safe for HIPAA data, which is subject to similar rules as Level 1 protected data. HIPAA (the Health Information Portability and Accountability Act) requires that any electronic transmissions containing protected health information (PHI) be encrypted using strong encryption. Messages containing PHI that are transmitted over unencrypted email are archived and can be transmitted onwards by every program or device that receives them. Email messages, their attachments, and archives are highly vulnerable to improper disclosure and may put both the University and the provider sending the email at risk.