Hey Donald, I'll try to address all of your questions.
First of all, when you send anything to the portal, whether it's a text message, or a lab result, or a CCD/CCR, we never send any part of it over email. Emailing PHI (patient health information) over email is never HIPAA-compliant.
If we have an email address for the patient, we will email the patient to tell them that they have a new item at the portal. If this was the very first item, we'll actually send them additional information instructing them how to log in. Once the patient logs in, they can download the actual XML file, or view a human-readable version. What they do with the XML file at that point is up to them.
If you are looking to transmit the CCR/CCD file to another provider instead of a patient, you could send it by secure message. In this case, the receiver would need to be an Updox user. We do have a free Updox plan which only includes secure messaging, so the receiver wouldn't have to be a
paying Updox user.
(We also support sending/receiving DIRECT messages (directproject.org), but no one's really using that yet.)Again, if you choose to email it out of Updox, it is
not encrypted and it is
not secure.
As far as where our doctors are sending them, we do have several doctors who are sending a lot of CCR/CCD files to their patients, but I'm not aware of anyone sending them the other providers yet. I expect we'll see more of that in the months to come.
Does that help?
