FAQ: Send Secure FAQs

 

Partners HealthCare Send Secure

Frequently Asked Questions (FAQs)

 

What type of information must be sent securely?

State and federal regulations require that emails containing protected health information and personal information be encrypted if they are sent outside our Partners firewall. It is strongly recommended that emails containing other Partners Confidential Data also be encrypted using Send Secure. Sending confidential information via email contains risks and should only be done when necessary and in accordance with policy and security requirements.

What is Send Secure?

Send Secure is an email service designed to protect Partners Confidential Data contained in messages sent from a Partners email address to a non‐Partners email address. If you must use email to communicate Partners Confidential Data to a non‐Partners address, you must send the message securely.

What is Partners Confidential Data?

Partners Confidential Data includes electronic protected health information (PHI), personal information, intellectual property, and employee information. Partners Confidential Data also includes any other non‐public information that would subject Partners, the data owner, or the data subjects, to harm if the data was lost, stolen, or accessed by unauthorized individuals.

Does Protected Health Information (PHI) need to be sent securely?

Yes. Any email containing Protected Health Information must be encrypted and sent securely. The recommended ways to send this information are to use Patient Gateway, the LMR application, or another clinical messaging system that may be in use at your specific site. Send Secure is an alternative if you do not have access to these other methods.

What do I need to do to send a secured message?

Senders need to type the words send secure in the subject line of the email message. The secure code can be placed anywhere in the subject line. The code identifies the message as secure and encrypts the contents. When the recipient(s) opens the message, the sender will receive an automated read receipt.

Is the subject line of the message encrypted?

No, the subject line of an email message is not encrypted. Please do not include any patient identifier in the subject line of your message. Examples of patient identifiers include first name, last name, and medical record number.

What if I use the incorrect code to send my secure email?

You will get an automated email receipt for all email messages sent with the correct secure email code; check your sent items folder to review the text of your original message to confirm that the code was typed properly as send secure. If you do not receive the automated read receipt, it means your email message was not sent securely or never opened by the recipient. Information Systems recommends that you resend the message with the exact code and retain the automated receipt for auditing purposes.

What is the proper way to enter the secure email code?

The secure email code is send secure. Ideally, this should be entered as two words, all lowercase with no bolding or quotations. However, the code is not case sensitive. If you type Send Secure, the email will be sent encrypted. Other scenarios are as follows:

• Your message will be sent securely if the two words are combined.

• Your message will be sent securely if there are multiple spaces between the two words.

• Your message will be sent securely if there is other text before or after the secure email code.

• Your message will NOT be sent securely if you put text in between the key words.

Isn’t all my email secure?

Your mail is secure in that it is private and password protected. However, it is not encrypted when you send it outside of the Partners network to a non‐Partners email address. To encrypt the text of your message that contains Partners Confidential Data, please type send secure anywhere in the subject line of the message.

What's the size limit?

Send Secure has a mail message size limit of 10MB and an attachment file size limitation of 7.5MB

What’s the difference between laptop encryption and email encryption?

Laptop encryption encrypts data on the actual computer. It does not encrypt individual emails being sent outside the Partners network. Individual emails containing protected health information and personal information must be secured by including send secure anywhere in the subject line of the message.

If my laptop is encrypted, does that mean my email is automatically encrypted?

No. Individual emails must still be secured by including send secure in the subject line of the message.

Are there other secure alternatives to send Protected Health Information?

Yes. Some sites use Patient Gateway to electronically send Protect Health Information to patients. Each site may have other options available. Check with your Site Security Officer on alternate ways to send Protected Health Information. Send Secure is a good option for sites that are not using another means for conveying information securely.

What other entities have secure email with Partners HealthCare?

Some sites use Patient Gateway for secure communications. In addition, there are secure communication channels in place between Atrius, Massachusetts Eye & Ear Infirmary, and other entities. Click here to see a full listing of secure channels. In these instances, there is no need to do any additional encryption.

Should I continue to use Patient Gateway if my practice uses that application?

Yes. Patient Gateway is the preferred method for providers to communicate electronically with patients and is fully compliant with state law. For information about Patient Gateway, please contact your Service Desk or your LMR Analyst.

Are there other solutions for Provider to Provider communications?

Clinical messaging can be an efficient alternative to email for provider to provider communications.

ChartLinx is a system that allows clinical messages to be sent securely between providers using LMR and GE Centricity. Clinical messages generated in ChartLinx are transferred securely, and there is no need to do any additional encryption.

Is Send Secure different from Secure File Transfer Service?

Yes. Partners Research Computing offers a Secure File Transfer Service to exchange large files with collaborators both inside and outside of Partners HealthCare via a web browser rather than ftp. The service is a secure web based application with anti‐virus detection built in. For more information on Secure File Transfer, please visit http://rc.partners.org/sFTP

Are there stepbystep instructions available?

Yes. Detailed instructions for both senders and recipients are available at: https://partnershealthcare.service-now.com/phsess/kb_view.do?sysparm_article=KB0018778

What must the Recipient do to read the message?

When a recipient with a non‐Partners email address opens the message, they will need to register and create a password in order to read the encrypted message. This is a one‐time only registration process that takes a few minutes to complete. The registration process is similar to setting up an account with Amazon.com or a banking website.

How do senders get help with Send Secure?

Please review information at: https://partnershealthcare.service-now.com/phsess/kb_view.do?sysparm_article=KB0018778

Open a Service Desk Ticket

Call your Service Desk

My recipients are having trouble and need assistance. How should I direct them?

There are two websites that are helpful to recipients: