The Federal HIPAA Security Rule states that all emails that contain confidential Protected Health Information (PHI) must contain an email Disclaimer Notification Statement.
The Compliance and Privacy department recommends that everyone add an email disclaimer as part of their signature block. That way it is automatic, and you are not having to retype it every time you send emails containing PHI.
Below is a recommended email disclaimer statement: However, your business unit is welcome to create and publish its own.
This electronic mail message, including any attachments, may be confidential or privileged under applicable law. This email is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this email, you are notified that any use, dissemination, distribution, copying, disclosure, or any other action taken in relation to the content of this email including any attachments is strictly prohibited. If you have received this email in error, please notify the sender immediately and permanently delete the original and any copy of this email, including secure destruction of any printouts.
Please keep in mind the 18 HIPAA Identifiers. Any of the three listed together along with any personal health information is considered HIPAA and is also covered by Federal and State Privacy Laws.
- Patient names
- Geographical elements (such as a street address, city, county, or zip code)
- Dates related to the health or identity of individuals (including birthdates, date of admission, date of discharge, date of death, or exact age of a patient older than 89)
- Telephone numbers
- Fax numbers
- Email addresses
- Social security numbers
- Medical record numbers
- Health insurance beneficiary numbers
- Account numbers
- Certificate/license numbers
- Vehicle identifiers
- Device attributes or serial numbers
- Digital identifiers, such as website URLs
- IP addresses
- Biometric elements, including finger, retinal, and voiceprints
- Full face photographic images
- Other identifying numbers or codes
Staying Safe and Secure is our Priority
If you would like general information about HIPAA, click to view the HIPAA page. Or, if you would like information regarding Travis County’s HIPAA Policies, or to report a suspected privacy concern, contact the Travis County Compliance and Privacy Officer.