Sunbelt Blog

Transmitting Medical Records ... The Ins and Outs

 Email Article  

  

  

 delicious  

  

You've asked your legal assistant to retrieve medical records for a court case and then email you a copy at your home email address so that you can work on the case from home. Not a problem, right? It depends. Email is not an inherently secure transmission method. While you may not be a "covered entity" subject to HIPAA's Security Rule, transmitting sensitive information over insecure channels is generally not advised. Just as you wouldn't broadcast your credit card or Social Security number over unsecure channels, you should take care with the sensitive information of your clients.

So, what are your alternatives? There are many ways to share files securely, allowing you to receive the medical records you need wherever you happen to be without the worry of compromising the sensitive data within these files. Two reliable medical records transmission options are: encrypted email and secure file sharing sites. 

Using Encrypted Email
Your email client program is likely equipped to handle encrypted email. For example, if you use Microsoft Outlook, you can obtain a digital ID and then use Microsoft Outlook to send and receive encrypted email messages. You'll need to sign up for a digital ID at a certifying authority such as VeriSign. This involves paying a small fee. Once you've established your digital ID, you can use Outlook's encryption and digital signing tools to send encrypted and digitally signed email messages. These messages will be unreadable to anyone other than the intended recipient. Hackers intercepting your messages will see only garbled, meaningless characters while your intended recipients will have the "keys" to decrypt the message.

Using Secure File Sharing Sites
Another option is to sign up for a secure file sharing site. Look for a file sharing service that complies with HIPAA and the Gramm-Leach-Bliley Act as those will have high levels of encryption and advanced security options. These services are relatively inexpensive. For example, YouSendIt.com, which meets all of the above security requirements, costs about $15 per month for a single user at the "pro" level.

Compressing and Transmitting Medical Records
Another option involves compressing the file using WinZip 9.0 or above. WinZip 9.0 supports the Advanced Encryption Standard. In order for this to work, both you and your intended recipient must have WinZip 9.0 or above. In addition, you will be prompted to create a password when you compress and encrypt your medical records using this method. You will need to share this password with your recipient. While you may email the encrypted ZIP file, you'll want to use a different method of transmitting the password for opening it such as by phone.

Using secure transmission methods to send and receive medical records is smart, even if you are not subject to HIPAA regulations. Once you have either a digital ID, access to a secure file sharing service, or compression software capable of strong encryption, securing electronic medical records is easy, too.