I recently read a post on a Facebook group focused on Applied Behavior Analysis where a group member had asked whether or not GSuite’s confidential mode was appropriate for transmission of PHI.
Before I delve into my answer let’s define some terminology.
GSuite confidential is a feature Google released in Q2 2019 to allow its customers to send emails that expire after a period of time and can require a single use passcode to unlock the contents of the email.
Does confidential mode improve the overall security of this email? Let’s break down what's happening:
- A user is generating an email using GSuite confidential mode and selecting an expiry date.
- Email expiry can only be set as low as 1 day by default unless the email is expired on demand.
- Users also have the option of requiring a single use passcode to open the email.
Passcodes sent via SMS
Unfortunately SMS (aka text messaging) is not a particularly safe or secure means of transmitting data – even if its a single use passcode. Why? Simple put the increase of SIM card hijacking has effectively made SMS an insecure means of receiving any type of passwords.
In short SIM card hijacking is a means by which a criminal attempts to take ownership of a victims account by means of social engineering – or convincing a telcos provider to transfer an active line from the victims phone to one in their possession..
There are a number of companies working to solve this issue and US telcos providers have banded together to develop ZenKey as a means to deter this from occurring but the fact remains that SMS is not a secure means of sharing information.
It’s great that GSuite allows users to expire an email but what happens if you accidentally send the email with PHI to the wrong recipient? Confidential mode does allow you to expire the email on demand but at that point you’re already in violation of HIPAA.
Why is that? Simply put the PHI you’re sending in the email is only encrypted in transit. A criminal could in theory get access to a recipients phone via SIM hijacking – use that to password reset the account you sent the email to with PHI to and view PHI.
Okay so dizzying technical jargon aside – should confidential mode be used to send PHI. From my professional perspective – no. The risk of having a data breach is too high and while confidential mode is certainly a handy tool – it’s not worth risking your patients PHI just for some flexibility.
PauBox or Virtru.
Both provide encrypted email solutions that integrate with GSuite and are HIPAA certified.
Better yet use a HIPAA compliant document management system like eFileCabinet or SmartVault and avoid sending PHI over email all together.