Electronic Messaging of PHI
HIPAA Compliant Messaging
Ƶ implements reasonable and appropriate measures to guard against unauthorized access to and protect the integrity and confidentiality of electronic Protected Health Information (ePHI) that is being sent, received, or stored using an email or other electronic messaging system (“electronic messaging”). Transmission of any electronic message containing ePHI must be in accordance with Ƶ Privacy Policies governing PHI use and disclosure. Any electronic message that contains ePHI will be sent using a secure electronic messaging system that has been approved by Ƶ IT. Electronic messages that contain ePHI must be stored in a secure manner.
Emailing PHI:
It is the policy of the Ƶ to secure confidentiality of PHI by email. PHI is allowed
in “internal” messages without encryption, i.e., the email must go to another ttuhsc.edu
email address. Transmission of PHI to external parties outside of Ƶ, i.e., any
email address other than ttuhsc.edu, must be encrypted. This is for emails to patients,
providers, hospitals, payors, etc. Here is a guide on how to send encrypted emails:
Zoom Team Chat:
Zoom Team Chat is a HIPAA Compliant messaging platform that allows users to communicate
between coworkers and external Zoom users. Zoom Team Chat allows sending text, audio,
and video messages, and sharing files, and screenshots. Messages can be sent to contacts,
groups, or an entire channel. The Zoom Team Chat option is available through the Zoom
App on computers or mobile devices. Zoom Team Chat is now the HIPAA compliant and
approved electronic messaging platform for Ƶ team members to use when messaging
PHI. Here are some resources on how to use Zoom Team Chat:
Other Electronic Messaging of PHI:
Cortext (by Imprivata) used to be the approved platform to text PHI at Ƶ. However, Cortext will be end of life in March of 2024. Cortext will not be supported after March 15, 2024, and all Cortext users should
stop using Cortext and delete the App from their devices on or before March 15, 2024.
Texting PHI using the text messaging function (SMS) on personal cellphone is prohibited
at Ƶ since text messaging is not HIPAA compliant. Using any other messaging platforms
other than Zoom Chat (or any platform not approved by Ƶ IT) to communicate PHI
is also prohibited. For example, Facebook Messenger shall never be used to communicate
PHI.
FAQ
Here is a guide on how to send encrypted emails:
Please follow the instructions here: . If you have questions, please contact the IT Solution Center at (806) 743-1234 or by email at ITSolutions @ttuhsc.edu
There are a number of requirements identified in the HIPAA legislation for electronic communication of PHI. These include regulations on encryption, authentication, archiving and auditing of information. Zoom Chat allows Ƶ team members to use the App on mobile devices or on computers for convenient messaging while meeting all enterprise-class security requirements, all backed up by the Business Associate Agreement from Zoom.
Please learn how to use Zoom Chat by reading the Ƶ Knowledge Base articles here: .
No, Cortext will be end of life in March of 2024. Cortext will not be supported after March 15, 2024, and all Cortext users should stop using Cortext and delete the App from their devices.
Yes. Here are instructions on how to . Remember, your should not use the camera function on your cellphone to do it. You should always open the Zoom Chat app and use the camera function within the app to take a picture and send it to their colleagues if the picture contains PHI or other confidential information.