Legal Risks of Email--Part 1. Privacy Concerns.

Personal health information (PHI) contained in email communications is governed by the same health information management legislation as PHI contained in health records. As a result, confi dentiality and privacy are important considerations if email is being used to communicate PHI to recipients who are not part of a secure internal network. Internet-based email systems generally do not provide a level of security appropriate for transmitting sensitive information. Even within a secure internal network, depending on the system in use, special software overlays may be necessary to protect the server and all endpoint devices connected to the network (e.g. desktop computers, laptops, smartphones, etc.). Nurses would be prudent to seek confi rmation from their employer, or, when acting as custodians of PHI, from a qualifi ed IT professional, that the necessary safeguards are in place before transmitting PHI via email.