Once a patient has signed in to the portal, whether accessing from a computer, smart phone or whatever, the electronic XML encrypted message is transmitted over the internet, and since the entry and exit point of the electronic message is password protected and the electronic message encrypted this type of electronic transfer of patient data is considered secure by HIPAA standards.
