Here is a question from “Ask Erik:”
Dear Dr. Kangas, When I write an email to a patient from my LuxSci account, it is encrypted and therefore HIPPA compliant. When they write me back from their regular email address (it’s often hard to get them to sign up at LuxSci), they are putting [PHI /Medical Information] out without security, but that is not my HIPPA violation as I understand it because patients are not required to keep their PHI secure. Yet often a patient replying to my email simply hits ‘reply’ and my email is attached to their reply, putting my original email in an insecure from on the Internet. Does that become therefore a HIPPA violation of mine, especially if I continue to allow this without telling the patient to stop doing this?
Read the rest of this post »