FROM: Karen Thomas - VP/CIO Information Services;
Andrew Curtin, M.D. - Chairman, MLH Medical Executive Committee
RE: Patient Information and ZixMail
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
mandated important restrictions to access your patient’s medical
information. One of these is the electronic transmission of patient
information. When using email to transmit Protected Health Information
(PHI), physician offices as well as healthcare organizations must
provide safe and secure encryption of that information across the
Any Protected Health Information being sent OUT of the MLH Intranet to a
recipient with a non-MLHS.ORG address will be automatically encrypted by
a product called ZixMail. ZixCorp is an independent company providing
security solutions for email. The company has been instrumental in
maintaining a not-for-profit organization called “HealthyEmail.org” that
promotes physician use of encryption for sensitive PHI. Healthy
email.org and ZixCorp have combined to provide (free of charge for two
years) the software to automatically review an encrypted email on your
office or home computer.
By providing the software free for two years, ZixCorp is clearly
positioning themselves to dominate this burgeoning market. They have not
clearly stated the eventual subscription costs but indicate it will be
“reasonable”. Nonetheless, even if you do not wish to download the free
program to your computer, you and your patients will always be able to
view the contents of a ZixMail encrypted email with just one more step.
The ZixMail encrypted email will direct you to a secure website to
retrieve the sensitive information upon signing in to the site. However,
we recommend trying the ZixMail client for free; it is in use by many
healthcare and financial institutions already, including some third
party insurers for transmitting billing information.
The ZixCorp's Secure E-Messaging Solution in use at MLH automatically
probes any email for combinations of words such as patient names,
diseases, account numbers that indicate Protected Health Information
content. Again, this will only occur for OUTBOUND email communications
from Main Line Health to your non-Main Line Health email addresses.
Practically speaking, the number of times such an encryption will occur
will likely be uncommon but the process must be in place.
The secure e-messaging solution is scheduled to be implemented on
Monday, Nov. 14, 2005.
If you choose to use ZixMail to make it easier to open one of these
encrypted emails, visit healthyemail.org/register.php
to obtain up to three free licenses for two years. This site also
provides resources to educate physicians and patients about the benefits
of secure email.
If you have any questions, please contact the Help Desk at 484.596.2332.
More About Secure E-Messaging at Main Line Health…
For more information, call 1.866.CALL.MLH.