Study Finds Doctors Not Using Encrypted Email

by Neil Farquharson

I’ve just been reading a paper from the Canadian Journal of Diabetes. It describes a study of doctors using – or in this case not using – email to communicate with their patients, and the study’s conclusions surprised me. It seems that many doctors are avoiding using email to communicate with patients because they believe that email is not only insecure, but also because patients may find it too difficult to decrypt these emails. I thought: what a bizarre point of view. One of the authors of the study, Doctor Doreen Rabi was quoted by a local news agency doctorssaying “encryptions could be too secure to be useful — patients might not know how to decrypt emails.” I could not help but wonder, does my doctor consider me as thick as Dr. Rabi considers her patients? It is a shame; because Dr. Rabi goes on to state “Things that might require a quick medical visit could be easily worked out over email, saving a lot of time.” On this we can agree: not every communication with my doctor requires an office visit and a 45 minute wait. In fact, for my last visit to a specialist, I was offered the opportunity to arrive half an hour early to fill in all the forms, or to download the forms at home, fill them in, and bring them with me. Instead I offered to download the forms and then send them to their office by encrypted email. The telephone receptionist was at first reluctant, but then agreed. Then, after I had sent her my forms as attachments, she was back on the phone to me within 15 minutes delighted that the forms had arrived appropriately; and securely too. Health providers are in competition with each other for our healthcare dollars, and it seems to me that there is a clear competitive advantage for doctors and other health providers who offer secure email facilities to their patients. Not only could patients fill in documents at home and send them as secure attachments, but also they could communicate with medical staff without listening to time-wasting automated messages on the phone, and then being required to describe medical conditions over an open line. Zix clients, however, are provided with a branded email portal that is dedicated to their health related business, where their patients can go to communicate with medical staff, either receiving emails or sending new ones. Patients who wish to send an email do not need to wait for a particular time of day, nor do they need to wait to receive an email before being able to reply. Zix portals are very easy for patients to use: They do not need to have any technical knowledge and are not required to “decrypt” anything. The doctor sends a secure email, the patient receives a short notification email instructing them to click on a button, and the patient then is able to read the secure email. Likewise, the doctor does not need to “encrypt” anything. He or she simply types the email in the normal manner and presses send. The Zix system instantly scans the email for HIPAA and personally identifiable information and automatically encrypts the email. It is unfortunate that the authors of the paper above did not realize that secure email is easy to use and requires no training in encryption or cryptology. We have the solution they’re looking for here at Zix.

Posted: 12/10/2015 12:00:00 AM by Global Administrator | with 0 comments
Filed under: Data, Email, Encryption, HIPAA, Protection

Recent Posts


Fake Voicemail Messages Target Companies

by David Bisson

View Blog Post


CISA Warns Users to Be on the Lookout for Holiday-Themed Digital Attacks

by David Bisson

View Blog Post


How ZixArchive Makes Regulatory Compliance Accessible and Advantageous

by Dena Bauckman

View Blog Post