Virtru's email recall feature allows users to withdraw access to previously sent encrypted emails when sent to the wrong person in an attempt to prevent a HIPAA violation. The question is whether this feature genuinely contributes to an organization's HIPAA compliance.
Virtru requires several steps for recipients to access content sent from its users. From a recipient's perspective, these steps include:
If the Virtru user wants to revoke the email, these are the steps they'd need to follow:
Breach means the acquisition, access, use, or disclosure of protected health information in a manner not permitted under subpart E of this part which compromises the security or privacy of the protected health information.
The above extract comes from 45 CFR § 164.402 of HIPAA. Based on this definition, when an email containing protected health information (PHI) is mistakenly sent to an incorrect recipient, a HIPAA violation is triggered at the moment of unauthorized disclosure.
In the case of a regular email interaction, a violation occurs as soon as the email is sent because the access control the organization had is lost. Virtru's email recall feature might appear to allow its users to retain this control and, therefore, prevent a violation. Avoiding a HIPAA violation is, however, not that straightforward.
Let's take a look at instances where a HIPAA violation can still occur despite using the email recall feature:
Determining whether or not this breach is realized after the use of the recall requires the consideration of a few factors, such as:
Virtru's installation and activation process presents several challenges that make the product harder to adopt. Users must first navigate to the downloads page, add the extension to Chrome from the Chrome Web Store, and then proceed through various prompts to complete the installation, a process that requires multiple steps and switching between pages.
To send an email, users need to manually toggle the Virtru bar to activate encryption for each email, a step that, while simple, requires conscious effort and disrupts the flow of composing an email.
Adding to this, the option to customize security settings, such as disabling forwarding, setting expiration dates, and applying watermarks, although beneficial for security, further complicates the email composition with additional decisions and clicks.
The process of activating and using the software is not the only issue users have faced. With issues ranging from difficulties in training staff on how to use it to lags in the software, the problems in using Virtru go beyond the everyday annoyances we expect to see.
"Occasionally, Virtru will lag or not work at all," one user wrote. "I was ready to write this off as me having issues with my own bandwidth, but my colleagues working from home would tell me they were having similar issues at the same time. Another issue is people to whom I send encrypted emails who do not have a Virtru account sometimes have difficulty opening emails."
A small business owner highlighted the issues within the user experience: "The extension crashes my email multiple times a day. I have to log out of Gmail and back in often. I have uninstalled the extension and stopped using Virtru as much as I would like to because of the inconvenience."
Yet another user brings to light the user experience and difficult integration despite Virtru's claim that they are compatible with Microsoft 365: "Virtru is clunky to use. It isn't integrated with Outlook. When using Outlook, one needs to open a separate web page to be able to read the email. I have had clients tell me to send reports unencrypted because they don't want to deal with using Virtru. I am constantly having to sign in with Virtru to be able to read emails."
Still another user opens up their review with: "Others are sadly having issues opening." They further explain, "I don't particularly appreciate that others we send emails to are having difficulty opening the messages. It has caused a lot of issues because we are sending essential documents daily and then having to find a way to resend them."
Lastly, this user wrote about their experience training staff on using Virtru: "There has been difficulty onboarding our employees to the features provided by Virtru. Also, at times filters are too aggressive and detect CC numbers in links that don't exist. They also auto-encrypt emails even when the word 'password' is used but no password is included. Initial filters had to be adjusted so workflows were not interrupted."
Beyond the technical issues mentioned in customer reviews, Virtru's email recall feature specifically is not as beneficial as users might hope. The feature does not assure HIPAA compliance if an email is sent to the wrong recipient. The feature may even detract from the preemptive measures to avoid this error.
Let's explore more in-depth effects the use of this feature may have:
The emphasis on correcting post-send mistakes diverts attention from training on preventive practices, such as secure email handling and verifying recipient information before sending.
Trainers need to allocate extra time and resources to teach staff the basic functionalities of email systems, the specific steps required to use Virtru as a whole, and how to execute a recall. This requirement increases the learning curve, potentially overwhelming employees, particularly those less technologically savvy.
The presence of software lag undermines the potential utility of Virtru's recall feature. Complaints of lags within Virtru's software, in general, reveal the possible effect on timeliness and reliability of recalling emails, making the recall feature less dependable. When users need to access the feature quickly, a lag or crash of the software can be detrimental to the very narrow window available to recall before the email is accessed by the incorrect recipient.
The Virtru email recall feature adds extra steps to the incident response procedure, which includes
These extra steps demand more immediate action and resources from the incident response team, potentially delaying responses to other aspects of the incident.
Administrators and IT support staff (which may not be consistently available to small to medium practices) must continuously oversee the feature's usage to ensure its proper function. They need to track the successful and failed recall attempts to assess the feature's overall reliability. This increased oversight requires dedicating resources or poses the risk of not noticing lapses in the software's efficiency.
Reliance on the recall feature can lead to a reduction in proactive measures and diligence in handling sensitive information. Staff may become less vigilant in their communication practices, increasing the likelihood of errors. The availability of an email revoke option encourages a mindset in which meticulous verification of recipient information seems less important, on the assumption that any mistake can be rectified post-send.
Patient experience should be an overriding concern when it comes to both patient outcomes and provider business growth. The Virtru email process is unnecessarily difficult for recipients, with multiple steps that detract from the recipient experience.
Initially, recipients are met with an email notification that, rather than containing the message itself, informs them of a secure message awaiting them, introducing an immediate barrier to direct communication. They are then required to navigate away from their familiar email environment to access the content through Virtru's Secure Reader, disrupting the flow of their email interaction.
Recipients facing multiple steps to view the content are likely to disengage, especially for non-urgent or promotional communications. This diminishes the effectiveness of these emails by reducing open rates and engagement and discourages future interactions with similar messages.
Gmail offers an 'Undo Send' feature, allowing users to cancel the sending of an email within a preset time frame (up to 30 seconds after sending). This feature is effective for the immediate realization of a mistake, providing a straightforward way to prevent an email from reaching the unintended recipient before any potential exposure of sensitive information occurs.
Why it's better: The simplicity and immediacy of Gmail's 'Undo Send' feature make it highly effective for quick corrections without the complexity of recalling an email after it's been delivered and potentially opened. It integrates seamlessly into the Gmail user experience, requiring no additional steps or third-party software.
Outlook's 'Recall This Message' feature attempts to delete or replace an email message sent to a recipient within the same Exchange server before it is read.
Why it's better: For internal communications within organizations that use Exchange Server or Microsoft 365, Outlook's recall feature can effectively prevent unauthorized access to mistakenly sent information, provided the conditions for recall are met (e.g., the message has not been read). It's integrated into the email client, offering a direct approach to managing misdirected emails.
Implementing an email approval process adds a proactive layer of security by requiring that emails be reviewed and approved by an email regulator or compliance officer before dispatch.
Why it's better: Unlike the 'Undo Send' feature in Gmail or the 'Recall This Message' feature in Outlook, an email approval process is inherently preventive. It eliminates the dependency on the sender's quick action to correct a mistake, instead placing control in a systematic review that catches errors before they occur.
Coupled with the Paubox Email Suite, this is a far more effective solution in mitigating potential violations. While the 'Undo Send' and 'Recall This Message' features are limited by time constraints and specific conditions (e.g., server environment, message unread status), the email approval process is universally applicable across various platforms and does not suffer from these limitations.
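As an added illustration of the preventive control argued for above (not Paubox's, Virtru's, or any vendor's code), the following constructed Python gate screens outbound mail before dispatch: messages showing PHI indicators are held, their recipients are checked against an assumed list of verified partner domains, and nothing leaves until a compliance reviewer records a decision. The domains, patterns and addresses are assumptions chosen for the example.

```python
import re
from dataclasses import dataclass, field

# Constructed illustration of a pre-dispatch approval gate; not vendor code.
# Domains and PHI patterns are assumptions chosen for the example only.
APPROVED_DOMAINS = {"partner-clinic.example"}
PHI_PATTERNS = {
    "MRN": re.compile(r"\bMRN[:#\s]*\d{6,}\b", re.I),
    "SSN-shaped": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "clinical term": re.compile(r"\b(diagnos(is|ed)|prescription|lab results?)\b", re.I),
}

@dataclass
class Message:
    sender: str
    recipients: list
    subject: str
    body: str
    status: str = "pending"      # pending -> released, or held -> released | rejected
    reasons: list = field(default_factory=list)

def screen(msg):
    """Run before dispatch. A held message never reaches the mail transport."""
    text = msg.subject + "\n" + msg.body
    msg.reasons = [f"PHI indicator: {name}"
                   for name, pat in PHI_PATTERNS.items() if pat.search(text)]
    # Recipient verification happens here, before sending, not after a mistake.
    msg.reasons += [f"unverified recipient: {r}" for r in msg.recipients
                    if r.rsplit("@", 1)[-1].lower() not in APPROVED_DOMAINS]
    # Any PHI indicator holds the message so a reviewer confirms the recipients.
    msg.status = "held" if any(r.startswith("PHI") for r in msg.reasons) else "released"
    return msg.status

def review(msg, approved, reviewer, audit):
    """Compliance officer decision, logged with the reasons that triggered the hold."""
    if msg.status != "held":
        raise ValueError("only held messages are reviewed")
    msg.status = "released" if approved else "rejected"
    audit.append((reviewer, msg.status, list(msg.recipients), list(msg.reasons)))
    return msg.status
```

Because the hold happens before transport, the outcome does not depend on the sender noticing the error within a recall window or on whether the recipient has already opened the message.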