NU Online News Service, June 6, 2003, 12:28 p.m. EDT – Twenty-one of the top 60 U.S. health “payers” may have at least occasional trouble with electronic-mail privacy compliance, according to Zix Corp., Dallas.
Zix, which sells e-mail systems to health care companies, says it analyzed a sample of 4.4 million plain-text e-mail messages sent and received by 7,500 health care organizations over seven days.
Federal health privacy regulations require organizations to encrypt personal health information sent through electronic mail, but more than one-third of the payers in the sample and 53 of the top U.S. health care chains and health systems seemed to be transmitting some personal information through plain-text electronic mail, Zix says.
Zix estimated that 4.4% of the plain-text e-mail messages sent by the organizations included in the sample contained personal health information.
Zix notes that it developed special auditing procedures to screen for the presence of personal health information in the e-mail messages without violating the privacy of the senders, the recipients or the participating health care organizations.