The results of laboratory tests are automatically uploaded to the patient's electronic medical record in the medical unit and transferred to the patient's personal account in the medical unit.
Sending test results to patients by e-mail carries risks of violating the law and leaking confidential information. What risks do you incur by sending medical data by e-mail:
- Violation of personal data protection requirements
According to FZ-152 and FZ-323, medical data belongs to a special category of personal information that requires increased protection. Unlike secure systems (for example, a patient's personal account at a medical center), e-mail does not provide cryptographic protection, which can lead to data interception by intruders. - Human factor risk
The human factor remains one of the key vulnerabilities in personal data protection, especially in the medical field. Even with technological solutions, it is the actions of employees that often cause leaks. - Email vulnerability to cyber attacks
Phishing emails and malicious attachments are common causes of leaks. Sending data by email increases the risk of such incidents. You can read about the leaks of patient data on the portals of the RBC Company, Rusbase. - Lack of recipient identification
Email does not guarantee that the email will reach the right patient.