Electronic Messaging of PHI
HIPAA Compliant Messaging
Ογ½ΆΦ±²₯ implements reasonable and appropriate measures to guard against unauthorized access to and protect the integrity and confidentiality of electronic Protected Health Information (ePHI) that is being sent, received, or stored using an email or other electronic messaging system (βelectronic messagingβ). Transmission of any electronic message containing ePHI must be in accordance with Ογ½ΆΦ±²₯ Privacy Policies governing PHI use and disclosure. Any electronic message that contains ePHI will be sent using a secure electronic messaging system that has been approved by Ογ½ΆΦ±²₯ IT. Electronic messages that contain ePHI must be stored in a secure manner.
Emailing PHI:
It is the policy of the Ογ½ΆΦ±²₯ to secure confidentiality of PHI by email. PHI is allowed
in βinternalβ messages without encryption, i.e., the email must go to another ttuhsc.edu
email address. Transmission of PHI to external parties outside of Ογ½ΆΦ±²₯, i.e., any
email address other than ttuhsc.edu, must be encrypted. This is for emails to patients,
providers, hospitals, payors, etc. Here is a guide on how to send encrypted emails:
Zoom Team Chat:
Zoom Team Chat is a HIPAA Compliant messaging platform that allows users to communicate
between coworkers and external Zoom users. Zoom Team Chat allows sending text, audio,
and video messages, and sharing files, and screenshots. Messages can be sent to contacts,
groups, or an entire channel. The Zoom Team Chat option is available through the Zoom
App on computers or mobile devices. Zoom Team Chat is now the HIPAA compliant and
approved electronic messaging platform for Ογ½ΆΦ±²₯ team members to use when messaging
PHI. Here are some resources on how to use Zoom Team Chat:
Other Electronic Messaging of PHI:
Cortext (by Imprivata) used to be the approved platform to text PHI at Ογ½ΆΦ±²₯. However, Cortext will be end of life in March of 2024. Cortext will not be supported after March 15, 2024, and all Cortext users should
stop using Cortext and delete the App from their devices on or before March 15, 2024.
Texting PHI using the text messaging function (SMS) on personal cellphone is prohibited
at Ογ½ΆΦ±²₯ since text messaging is not HIPAA compliant. Using any other messaging platforms
other than Zoom Chat (or any platform not approved by Ογ½ΆΦ±²₯ IT) to communicate PHI
is also prohibited. For example, Facebook Messenger shall never be used to communicate
PHI.
FAQ
Here is a guide on how to send encrypted emails:
Please follow the instructions here: . If you have questions, please contact the IT Solution Center at (806) 743-1234 or by email at ITSolutions @ttuhsc.edu
There are a number of requirements identified in the HIPAA legislation for electronic communication of PHI. These include regulations on encryption, authentication, archiving and auditing of information. Zoom Chat allows Ογ½ΆΦ±²₯ team members to use the App on mobile devices or on computers for convenient messaging while meeting all enterprise-class security requirements, all backed up by the Business Associate Agreement from Zoom.
Please learn how to use Zoom Chat by reading the Ογ½ΆΦ±²₯ Knowledge Base articles here: .
No, Cortext will be end of life in March of 2024. Cortext will not be supported after March 15, 2024, and all Cortext users should stop using Cortext and delete the App from their devices.
Yes. Here are instructions on how to . Remember, your should not use the camera function on your cellphone to do it. You should always open the Zoom Chat app and use the camera function within the app to take a picture and send it to their colleagues if the picture contains PHI or other confidential information.