Secure Email Communication

Clinics using LiquidEMR may offer secure email communication for patients and authorized care team members through Paubox, a healthcare-focused encrypted email platform utilizing a HITRUST-certified security framework for transmission of protected health information (PHI).

This feature allows clinics to send confidential healthcare information securely while still allowing recipients to receive messages directly in their normal email inbox without requiring a separate portal login or password.

Why This Is Different

Traditional secure healthcare messaging systems often require patients to:

  • Create a portal account
  • Remember usernames and passwords
  • Log into a separate website
  • Retrieve messages manually

With this secure email workflow, encrypted messages can typically be delivered directly to the recipient’s existing email inbox while maintaining healthcare-focused security controls.

Security and Verification Workflow

To help protect patient information and maintain secure communication:

1. Verified Recipient Email

Before confidential information is sent electronically, the recipient’s email address must first be verified through the clinic’s verification process.

This helps confirm that the intended recipient controls the email account being used.

2. Unique Secure Thread Identifier (TID)

Each secure communication thread is assigned a unique Thread ID (TID) associated with the authorized patient or care team account.

Example: (TID @63-29346-12408)

This identifier helps:

  • Link communication to the correct account
  • Maintain continuity of the secure conversation
  • Validate authorized replies
  • Reduce risks from misrouted or spoofed emails
  • Ensure incoming messages are processed correctly

The TID section should remain attached to the email thread and should not be removed or modified.

3. Controlled Reply Workflow

For security purposes, confidential email communication is designed to remain within the original verified thread.

Recipients generally cannot initiate new confidential email conversations outside of the authorized thread. Replies should remain within the original secure email chain containing the assigned TID identifier.

Messages received without a valid TID may not be monitored or processed by the clinic.

Encrypted Delivery Without Extra Login Steps

When supported by the recipient’s email provider, messages are delivered through encrypted transmission directly to the recipient’s inbox without requiring separate portal credentials.

This approach helps improve convenience while maintaining healthcare-focused security controls for protected health information.

Important Note

Secure email availability and workflow may vary by clinic configuration and participation.