HIPAA email requirements

Using Free Gmail & Hotmail Accounts for Your Health Care Organization IS a HIPAA Violation

Submitted by Sean Huggans on

"But we tell patients not to email us PHI…"

Spoiler: It doesn't matter. You're still liable.

If your health care organization is using a free Gmail, Hotmail, Outlook.com, MSN, or Yahoo account for any patient-facing communication, you're already in violation of HIPAA—whether you realize it or not. And unfortunately, disclaimers in your footer, verbal warnings to patients, or additional security measures can't change that legal reality.

Tags
HIPAA email requirements
Gmail HIPAA compliant
free email HIPAA
Business Associate Agreement
BAA requirement
HIPAA penalties
HIPAA fines
OCR enforcement
health care email compliance
medical practice email
HIPAA email rules
protected health information
PHI email
Gmail for doctors
Hotmail HIPAA
Yahoo mail HIPAA
free email services healthcare
HIPAA violation examples
email encryption healthcare
HIPAA Security Rule
HIPAA compliant email
Microsoft 365 healthcare
Google Workspace HIPAA
trustifi
email BAA
healthcare IT compliance
small practice HIPAA
rural health care IT
HIPAA audit
OCR investigation
patient email security
medical email compliance
HIPAA email disclaimer
healthcare data breach
email PHI violation
HIPAA enforcement 2024
Subscribe to HIPAA email requirements