0

I am evaluating options to choose email providers for a HIPAA-compliant web application. I understand that if the email contains any form of PHI, it would be violating the HIPAA rule, especially if the email is not encrypted.

What if the email that is being sent only contains a link to log in and nothing else? Would it still be a violation of HIPAA? I am concerned about the part where email is identified as PHI in the list of PHI. So, would the recipient email address itself be considered PHI and violate HIPAA?

Ajeesh Joshy

1 Answer

1

What if the email that is being sent only contains a link to log in and nothing else?

You are good to go. There is nothing to worry about if you send mail that consists of a link that asks the person to use login credentials to access PHI.

Would the recipient email address itself be considered PHI and violate HIPAA?

A mail address is not health-related data (so it doesn't violate HIPAA); it is PII, though.

Arpit Rohela