RE: Confidentiality of email
From: Susan (Susan_at_discussions.microsoft.com)
Date: Fri, 24 Jun 2005 05:28:03 -0700
Just to set everyone's mind at ease (especially mine), it turns out that the
person who told me the county wanted us to email the client data was
misinformed. The county has a secure website in which the data is to be
input. I have to admit that I was stunned when first told about the email.
I did some sleuthing and found out the truth. And yes, Ron, HIPAA was the
first thing that came to mind..fortunately, it appears we won't have to get
into a battle with the county!
Thanks for everyone's input...you just reinforced my insistence (as
documented in our IT policy manual), that NO confidential/client information
is to be sent anywhere via email!
> We are a social service agency which does work for various funders. One of
> our funders now wants us to transmit our client data to them via email. I'm
> worried about the confidentiality issues...how real are my concerns? I
> always understood that email is NOT secure. We have a firewall,
> virus/spyware aps, etc., and the funder who wants this info is a county
> agency, but I'm still not convinced. We don't have an internal email
> system...we have a number of email address through our ISP (DSL). Should I
> refuse to send the data that way, or document their request and put the
> responsibility on them? We still feel an obligation to our clients to keep
> their information secure. Any advice would be appreciated!