Encryption Questions and Answers

Summary

Encryption is necessary when sending sensitive information such as patient data (PHI) via email. Below you will find a FAQ that answers the most common questions related to email encryption. Also, there is a link at the bottom of this article that will explain how to encrypt an email.

FAQ

Q: Do I need to encrypt email when sending PHI internally?

A: No, but it is highly encouraged. The decryption process is transparent. You won't notice anything different other than an icon that shows the email is encrypted.

Q: Do I need to encrypt email when sending PHI externally?

A: Yes. You must encrypt any sensitive data such as PHI.

Q: Can a recipient of an encrypted email forward that email to anyone else and those recipients access the encrypted email?

A: No. Only the original recipients are able to access encrypted email as the code used to access the emails are sent to the original recipient.

Q: What if I send an encrypted email to the wrong person on accident?

A: Encrypted email is the same as normal email in this case - whoever receives an encrypted email will have the ability to view the email, even if you send it to the wrong person. Always double check who you're sending an email to if it has sensitive information.

Q: What is an encrypted email protecting exactly?

A: When you send any email - including an encrypted email - it is possible for a bad actor to intercept the data contained in that email while it is in transit from you to the intended recipient. If your email is not encrypted, it is possible for the bad actor to view the contents of that email, including attachments. However, if the email is encrypted, the bad actor would not be able to access the contents or attachments in that email because they would be required to have the code to access the contents.

Instructions

How to send an encrypted email