News & Knowledge Email: 10 Best Practices Many patients use technology to access information and connect with others. Understandably, they want to communicate with their healthcare clinicians in the same way; however, there are risks related to sharing health information via email. To meet the standards of the HIPAA Security Rule and to minimize the risk of a breach, we recommend implementing the following best practices: Inform patients that any sensitive subjects will not be discussed via email (e.g., mental health, reproductive health, substance use, HIV status, or genetic disorders). These conversations should take place in person or over the phone. Encourage patients to communicate electronically through your patient portal. If the patient cannot use the portal, encrypt all… Are you a Curi member? The full content of this resource is available only to Curi members. If you are a member but do not have an account, you can register for an account. If you are unable to register, or want to learn more about becoming a Curi member, contact us for more assistance. As of January 30, 2025, signing in to Curi.com will be easier and more secure. We have a new unified “Sign in” for all clients with multi-factor authentication (MFA). After entering your password, the same one you use now, you will also enter a code sent to your registered email account. Contact us with any questions. Sign In Curi’s risk mitigation resources and guidance are offered for educational and informational purposes only. This information is not medical or legal advice, does not replace independent professional judgment, does not constitute an endorsement of any kind, should not be deemed authoritative, and does not establish a standard of care in clinical settings or in courts of law. If you need legal advice, you should consult your independent/corporate counsel. We have found that using risk mitigation efforts can reduce malpractice risk; however, we do not make any guarantees that following these risk recommendations will prevent a complaint, claim, or suit from occurring, or mitigate the outcome(s) associated with any of them. READ NEXT August 19, 2024February 13, 2025Hospitals/Health Systems | Practice Management | Risk Management OIG Exclusion Monitoring: Frequently Asked Questions (FAQs) What is the role of the OIG? The Office of Inspector General (OIG) was established in the U.S. Department of Health and Human Services to identify… Read more December 1, 2022August 12, 2025Compliance & Regulatory | Health Policy | Physician Patient Relationship | Practice Management On-Demand Education Engage and educate staff on the front lines of patient and resident care with free webinars and presentations on a variety of topics (not eligible for CME credit). Read more July 28, 2022May 29, 2025Compliance & Regulatory | Forms & Templates | Health Policy | Policy Templates | Practice Management Policy: Incident Report Read more