We’re bringing several new doctors into our email system. In their old system, they were allowed to maintain and use only their personal email.<\/p>\n

Advertisement

Close

I need to present reasons to convince those in charge they need to make them all be in the company’s system.<\/p>\n

Advertisement

Close

Thoughts that come to mind:
\nHIPAA - the system is managed and maintained by us for HIPAA compliance - personal email is not. (was told this alone was not a good enough reason)
\nSingular address book in the company (push back is - their address can be added as a global contact so they can be found by anyone trying to email them)
\nLegal - If a subpoena is presented, company IT takes care of this - dealing with that on personal email seems challenging at best
\nManaging company communications when user is no longer with company<\/p>\n

What other reasons can you think of for why they should be on corporate email instead of personal?<\/p>\n

Or if you have reasons why it shouldn’t matter and anyone would be able to use whatever email they want - please give those as well - helps us prepare for those counter arguments.<\/p>","upvoteCount":10,"answerCount":44,"datePublished":"2025-05-07T14:31:11.035Z","author":{"@type":"Person","name":"Dashrender","url":"https://community.spiceworks.com/u/Dashrender"},"suggestedAnswer":[{"@type":"Answer","text":"

We’re bringing several new doctors into our email system. In their old system, they were allowed to maintain and use only their personal email.<\/p>\n

I need to present reasons to convince those in charge they need to make them all be in the company’s system.<\/p>\n

Thoughts that come to mind:
\nHIPAA - the system is managed and maintained by us for HIPAA compliance - personal email is not. (was told this alone was not a good enough reason)
\nSingular address book in the company (push back is - their address can be added as a global contact so they can be found by anyone trying to email them)
\nLegal - If a subpoena is presented, company IT takes care of this - dealing with that on personal email seems challenging at best
\nManaging company communications when user is no longer with company<\/p>\n

What other reasons can you think of for why they should be on corporate email instead of personal?<\/p>\n

Or if you have reasons why it shouldn’t matter and anyone would be able to use whatever email they want - please give those as well - helps us prepare for those counter arguments.<\/p>","upvoteCount":10,"datePublished":"2025-05-07T14:31:11.103Z","url":"https://community.spiceworks.com/t/why-business-persons-shouldnt-use-personal-email/1203450/1","author":{"@type":"Person","name":"Dashrender","url":"https://community.spiceworks.com/u/Dashrender"}},{"@type":"Answer","text":"

HIPAA would be enough I’d think. Discovery would be another biggie.<\/p>","upvoteCount":18,"datePublished":"2025-05-07T14:40:15.462Z","url":"https://community.spiceworks.com/t/why-business-persons-shouldnt-use-personal-email/1203450/2","author":{"@type":"Person","name":"Denis-Kelley","url":"https://community.spiceworks.com/u/Denis-Kelley"}},{"@type":"Answer","text":"

I wouldn’t consider forcing a doctor to limit their means of contact, as they are on call 24/7 to not just the organization, but to their patients (assuming each may practice as such). At least not without a more extensive understanding of their own professional and legal obligations. (One can’t just say HIPAA like a magic spell.)<\/p>\n

An MD is a professional license which carries its own set of rules and responsibilities. And as each doctor is required to carry their own malpractice insurance, they may be considered more like contractors than employees. Medical law is a big CEU obligation to anyone in healthcare. This might be a good reason for you to study beyond the IT requirements, just to meet their needs.<\/p>\n

The wife and I also have had personal experiences where HIPAA and legal reasons<\/em> have been an impediment to good healthcare. It’s nice having an older doctor who’s fed up with the system and just wants people to get better.<\/p>","upvoteCount":5,"datePublished":"2025-05-07T15:15:22.721Z","url":"https://community.spiceworks.com/t/why-business-persons-shouldnt-use-personal-email/1203450/3","author":{"@type":"Person","name":"jessevas","url":"https://community.spiceworks.com/u/jessevas"}},{"@type":"Answer","text":"

Thanks for responding.<\/p>\n

Regardless of a provider’s personal desired - there is still the law they are supposed to operate inside.
\nWhat limitation do you foresee a provider having if using a corporate email account instead of a personal one like Gmail or Yahoo? Especially when you consider they are housing PHI in those systems?<\/p>\n

Not only does the provider have responsibilities to the patient and the law - so does the company, and the other partners.<\/p>\n

Some of my existing providers use their corporate email for everything - both personal and business - I think that’s better than the other way around. of course if they leave, life is more challenging for them, though that’s the cost of today’s world. Nearly everyone in the corporate world has two or more email address - a personal one and the one they use at/for work, not sure why providers should be different?<\/p>\n

As for the impediment you speak of - DHH makes several mentions of providers being allowed to ‘meet patients where they are’ i.e. via txt/sms/email etc, as long as the patient has been informed that there is a risk to their data being exposed while traveling over unencrypted networks.
\nI’m curious what specifically kept you from having good healthcare, versus slightly inconvenienced healthcare?<\/p>\n

Let’s take that a step further and say the provider emailed your data to you - and it was subsquently leaked and that lead to at least public embarrassment for you, would you still want them to send unencrypted?<\/p>","upvoteCount":2,"datePublished":"2025-05-07T15:50:47.166Z","url":"https://community.spiceworks.com/t/why-business-persons-shouldnt-use-personal-email/1203450/4","author":{"@type":"Person","name":"Dashrender","url":"https://community.spiceworks.com/u/Dashrender"}},{"@type":"Answer","text":"

I think them having a corporate email for what’s happening at YOUR facility/company makes sense from the standpoints of everything already listed. However, there is the counter argument of previous patient/practices that need to be in contact with them. Also, there is the turn around aspect and if you’re forcing them to convert to your email. Trying to detangle that to their personal email can be a hassle and quickly irritate everyone involved. The facility I used to work at had a policy that stated doctors had to have a corporate email and everything relating to that facility was supposed to go through that email. However personal email for doctors were not blocked because of previous reasons mentioned. This covered the company and made the doctors happy. Did it happen that way? No mostly not but it’s not our job to enforce policy and at the end of the day our responsibility was covered.<\/p>","upvoteCount":2,"datePublished":"2025-05-07T15:51:29.681Z","url":"https://community.spiceworks.com/t/why-business-persons-shouldnt-use-personal-email/1203450/5","author":{"@type":"Person","name":"wpheinle","url":"https://community.spiceworks.com/u/wpheinle"}},{"@type":"Answer","text":"