Does the HIPAA Privacy Rule permit a covered health care provider to e-mail or otherwise electronically exchange protected health information (PHI) with another provider for treatment purposes?

Yes. The Privacy Rule allows covered health care providers to share PHI electronically (or in any other form) for treatment purposes, as long as they apply reasonable safeguards when doing so. Thus, for example, a physician may consult with another physician by e-mail about a patient’s condition, or health care providers may electronically exchange PHI to and through a health information organization (HIO) for patient care.

 

Created 12/15/08


Content created by Office for Civil Rights (OCR)
Content last reviewed on July 26, 2013