Today is Data Privacy Day. I’ve covered a number of events going on over on PogoWasRight.org, but I thought I would use today to mention an aspect of PHI privacy that I haven’t really blogged about here before: emailing your doctor.
As a healthcare provider, I understand that my patients like the convenience of being able to e-mail questions whenever they think of something. I also understand that they may wish to forward e-mails to me that they may receive from their children’s teachers. But I wish they wouldn’t as I really don’t want to have their sensitive information being transmitted unencrypted and I really would prefer not to have their email residing on a server that might be hacked at any time.
And so I try to educate my patients about the perils of using e-mail and encourage them that if they feel they really need to email, not to use their child’s name in any communication or put anything so sensitive in email that they would be horrified if wound up being exposed and archived on the Internet.
But it’s not just my patients where I feel such concern, as colleagues may email me about mutual patients. And despite my efforts to educate them, they may put a patient’s name as the subject line.
Clearly, I’ve still got my work cut out for me, but on Data Privacy Day, please think about how you might be using email with your doctors or your children’s doctors or your colleagues and consider whether you are taking any unnecessary privacy risks. It’s not our liability as healthcare professionals that I’m worried about here — it’s your confidentiality and privacy.