First you suggest this:
“Encrypt the email using private/public keys.”
Then you suggest this:
“Encrypt the file (not the email) using some software and a phrase for the key, and give the phrase to the patient in person or over the phone.”
The chances of either solution working for average patients are 100% zero. Most people don’t understand what PGP/GPG encryption is, and sending an encrypted attachment and then giving a password over the phone is a mess waiting to happen.
That said, I think the only solution that could practically work would be an encrypted PDF with password protection. The PDF can be sent as an attachment and a password can be passed along by phone, mail or even email.
But that said, you also state this; bold emphasis is mine:
A doctor friend of mine wants to email reports to her patients, but doesn’t do so as she only wants it to be viewed by the patient.
At the end of the day, you can only control how to lock something, but you cannot prevent anyone from seeing the contents if the person on the other side is sloppy with password storage. Meaning, an encrypted PDF is a good solution, but if your patient leaves the password on a PostIt™ note on their desk or prints it out, there is nothing to stop anyone nearby from reading that content.
Of course, that is an expected risk, but thought it would be best to mention it. At the end of the day the best you can hope for is to protect the PDF in transmission from doctor to patient; past that all bets are off.
And FWIW, the HIPAA (The Health Insurance Portability and Accountability Act) does accommodate for the use of emails to communicate with patients regarding their care regardless of the e-mail being encrypted or unencrypted; bold emphasis is mine:
Does the HIPAA Privacy Rule permit health care providers to use e-mail to discuss health issues and treatment with their patients?
Yes. The Privacy Rule allows covered health care providers to communicate electronically, such as through e-mail, with their patients, provided they apply reasonable safeguards when doing so. See 45 C.F.R. § 164.530(c). For example, certain precautions may need to be taken when using e-mail to avoid unintentional disclosures, such as checking the e-mail address for accuracy before sending, or sending an e-mail alert to the patient for address confirmation prior to sending the message. Further, while the Privacy Rule does not prohibit the use of unencrypted e-mail for treatment-related communications between health care providers and patients, other safeguards should be applied to reasonably protect privacy, such as limiting the amount or type of information disclosed through the unencrypted e-mail. In addition, covered entities will want to ensure that any transmission of electronic protected health information is in compliance with the HIPAA Security Rule requirements at 45 C.F.R. Part 164, Subpart C.
Apparently HIPAA Security Rule requirements at 45 C.F.R. Part 164, Subpart C can be found somewhere over here, but I can’t seem to find the specifics.
a) simply send the email, the user already has to authenticate him/herself when getting emails b) set up a webpage with patient based authentication – Ipor Sircer – 2017-01-12T01:40:37.227
If you want to encrypt the attachment, use existing software like WinZip, but any other solution would be more complicated by avoiding doing it right and encrypting the email itself – Ramhound – 2017-01-12T01:43:24.307
@Ramhound And how would a patient on the other end deal with Zip file encryption? In my experience, badly at best. And with passwords being conveyed over the phone? Boy howdy! Mess city! – JakeGould – 2017-01-12T02:04:01.713
You just open the archive. WinZip handles the encryption. I didn't say it was a good idea, but the alternatives are more complicated than the email encryption implementations – Ramhound – 2017-01-12T02:16:21.093
It's extremely likely, if your doctor friend sends patient files by email unless the ENTIRE email is encrypted or will violate HIPAA. The proper way, host the encrypted files, behind an account system, that only allows the patients to access the account. Sending a patient their test results to a google mail account is a horrible idea – Ramhound – 2017-01-12T02:21:43.823
If you think the recipients will be unable to unzip or decrypt an attachment, then you're basically SOL when it comes to email. If the doctor doesn't trust email, then don't use email; use a web server, reports in PDF, and logins for the patients. – Ƭᴇcʜιᴇ007 – 2017-01-12T02:32:08.317