UCSF Fresno Secure Email Overview
UCSF Fresno has finalized an agreement with DataMotion company to develop a system to send secure email.
This secure mail system is designed to help faculty, residents, and staff comply with the federal HIPAA regulations, and California Senate Bill 1386.
HIPAA regulations stipulate that electronic communications that contain Protected Health Information (PHI) must be transmitted in a manner that protects the confidentiality of patient information. When you send, receive, or store any electronic document that contains UCSF confidential or patient information, you are responsible for ensuring the information is processed securely.
Senate Bill 1386 requires notification to California residents regarding any breach to the security of a computing system where there is a reasonable belief that an unauthorized person has acquired their unencrypted personal information.
The data covered by this law is an individual's first name or first initial and last name in combination with any one or more of the following:
Social Security number
Driver license number or California identification card number
Financial account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account
Medical information (effective January 1, 2008)
Health insurance information
Using the secure mail system, email customers from UCSF Fresno mail system are able to send and track secured outbound email messages.
A. How Secure Email Works
The UCSF Fresno secure email system transmits your outbound email message to a Secure Messenger website. When you send a secure email, Secure Messenger sends an email notification informing your recipient there is a secure email message at the Secure Messenger website. The notification includes an imbedded link to the Secure Messenger site.
The recipient retrieves your message from the Secure Messenger website via a secure link.
B. To Send a Secure Email
If you use UCSF Fresno’s email system, it is easy to use the Secure Messenger service to send secure email. Simply:
Begin the subject line with one of the following key words including colon:
Continue typing your Subject line
Compose and send the email as you normally would
For example, to send secure email regarding a patient, the Subject line could read:
PHI: Regarding your visit
Secure: Regarding your visit
The format listed above is mandatory for secure mail routing. A colon is required between the keyword and the subject text on the subject line.
Your message is securely stored in an encrypted or coded format until retrieved by your
If you have your UCSF Fresno emails forwarded to another address, you need to login to DataMotion secure mail server using the special account created for you and initiate the emails using their interface.
C. What to Expect as a Sender
When your recipient retrieves your email from the Secure Messenger website, Secure Messenger sends you an email notification documenting the date and time your recipient retrieved the message. This notification also includes recipient address, subject, and date sent.
You may track your secure messages if an account has been created for you on the UCSF Fresno Secure Messenger.
D. What to Expect as a Recipient
When you send a secure email via Secure Messenger, your recipient receives a plain text, UCSF-branded email containing notification that a secure message has been sent from you. The notification contains:
Your subject line
A link for viewing the message
Your recipient retrieves your email by clicking on the link to the Secure Messenger website and logs on to the site. The first time each recipient receives a secure message from you, the recipient is required to register by providing the following:
Users who have already completed the registration will be required only to enter their password when signing onto Secure Messenger.
E. Pre-Notification Sample Letter
UCSF Fresno faculty, residents, and staff who plan to use Secure Messenger may wish to send a pre-notification letter (see sample) to potential recipients first. Be sure to send this without a Secure Email trigger.