HIPAA’s Innocent Enemy: Email

Ancient Romans used a device called a “scytale” to encrypt important messages

The simplest, surest way for a doctor’s office to run afoul of HIPAA guidelines and put patient privacy at risk is a handy temptation that is in front of us daily.

You may run a well-secured office network with encrypted data and firewalls in place, but the moment someone sends an email to, from, or about a patient, you are at risk of violating HIPAA regulations.

It’s true.

Innocent, helpful email should never ever ever be used to discuss medical or personal matters with or about patients. The reason’s simple: email is not encrypted. Unless…


…unless, somehow you can encrypt your email. And all replies. Not only must doctors send secured messages to their patients, but any answers received from the patient to have be encrypted as well. This just isn’t possible with Apple Mail, Outlook, Gmail, or the other familiar email approaches.

Keryx Mail in action. It’s familiar – but secured.

Because our doctor clients are anxious for a solution, Odyssey’s been working on a way to communicate with patients and other doctors that is HIPAA-compliant, and we’ve finally got one. We call it Keryx Mail. Keryx Mail is a webmail client that works with total security — for both the doctor’s office AND the patient.

Here’s a simple scenario. A medical office logs into their Keryx Mail client from their web browser. It looks and acts like a familiar email program. In there they send a message to a patient. The patient receives an email, but the message contains only a notification about the secured communications and a link so they can view it. When they click the link, the patient also is sent to the Keryx webmail page. If they’ve never been sent a Keryx message before, they’ll be required to create an account so that they can see their mail. Going forward, they’ll log into the Keryx webmail page with that ID and password to continue communicating with their medical professional.

It’s an elegant, simple, fully HIPAA-compliant way to communicate between patients and medical professionals. It’s also quite affordable. (Especially compared to the awful situation of getting caught in a serious HIPAA violation.) We’d love to show it to you. For a demonstration of Keryx and all your questions answered, try the form below.


Contact Form

PS: That form, by the way, is protected through our secure one-way Keryx contact form technology.