Jim, the issue of secure messaging has come up before and all of the solutions listed above add some burden to either the provider of the patient.
I would not want to insist it "works with Outlook." There are a great many people out there who do not have outlook but may use a 3rd party email client like ThunderBird, Opera, Eudora etc.
Now, in my opinion, the best way to do HIPAA compliant messaging with patients, is to never send the message, but instead send a notification that there is a message to be read on a secure server. The patient can then log in to his/her account on the server and read and reply to the message.
I will say again as I have said before, all of these wishes for AC, will easily outstrip the capacity of the AC developer to deliver improvement/fixes to the product and ADD FEATURES.
