Sending non-secure emails
Patient records and consulting/operating lists can now be sent from 'Specialist Practice Manager' (SPM) and 'Private Hospital Manager' (PHM) to recipients who are not using a secure messaging system. This function can be enabled separately for each User (specialist).

You may already be aware that the Privacy Commissioners in both New Zealand and Australia have expressly warned that sending of non-secure emails that could identify a patient, and/or includes a patient's medical record, is likely to be a breach of the country's relevant Privacy laws.

It is the recommendation of Incisive Software Limited that any correspondence that can identify a patient, or includes patient records, should be both encrypted and use certificates to authenticate the receiver and sender. The HealthLink and other secure health messaging systems automatically performs both of these functions.

It is the opinion of Incisive Software Limited, that if a Third Party requests a patient's record be sent to them via non-secure email, that it is still the responsibility of the sender to assess whether reasonable steps are being taken to protect the patient's privacy.

If you are going to proceed with the use of the non-secure email feature, you should firstly seek, and gain the patient's approval.

Establishing an email account, configuring your network system to allow internet or email access on your network, or solving problems related to sending non-secure emails is not the responsibility of Incisive Medical Systems.

You are also required to indemnify Incisive Software Limited from any consequences of sending non- secure emails from SPM or PHM by agreeing with and signing the following indemnity agreement.

Once the Indemnity Agreement has been signed and s to Incisive Medical Systems a security code will be provided which you can enter to enable the email function.