Well, there are ways to get around that, including encrypted/secure messaging if the HIPAA issues are worrisome to you. I asked some questions about this on the forum some months ago...among other things somebody said in response that they had never actually seen a HIPAA policeman. I checked with my malpractice carrier about liability associated with various forms of communication modalities and was advised to provide the patients with a consent form for email communication ( but also discusses telephone communication) which we use. There is nothing really less secure about email than sending a postcard, talking to someone you can't see on the telephone or leaving a message on an answering machine. In many ways email is more secure, requiring a password.
