The DOs and DO NOTs of Email Security

Criminals do not take a holiday vacation!!

Jul 20, 2018 | Compliance

Dear Wiks,

Wishing you a Happy and Healthy 2018 from all of us at Healthcare Compliance Network!

As we conclude this Holiday Season, we want you all to remember that it is important not to let our guard down when it comes to email security. Criminals do not take a holiday vacation!! Here are some best practices for email security both at work and at home!


  • Always check the sender’s email address before opening any emails.
  • Report suspicious emails to your manager and or IT group
  • Remove the email “Preview” feature from your inbox.
  • Get patient permission in writing before sending any medical information to them via email.
  • Limit the information transmitted to the minimum necessary to meet the requester’s needs.


  • Send PHI to email addresses outside of your organization unless specifically authorized by the patient.
  • Click links or download content from unknown or unexpected senders.
  • Use email as a replacement for a clinical visit
  • Use personal email accounts to communicate patient related information
  • Use one generic email account for multiple individuals


The Healthcare Compliance Network Team