Header
Company: Together Women's Health | Department: All |
Title: Email Communication Policy | P&P#: IT-104 |
Approval Date: 05/01/2025 | Review Frequency: Quarterly |
Effective Date: 05/01/2025 | Category: IT |
Last Reviewed Date: 04/30/2025 | Last Reviewed By: Michael Schroeder
|
Purpose
The purpose of this policy is to establish clear guidelines regarding the use of email communication within Together Women’s Health to ensure the security, confidentiality, and regulatory compliance of all electronic communications. This especially applies to communications involving Protected Health Information (PHI), employee data, or sensitive business content.
Policy Statement
To safeguard patient information and maintain compliance with federal and state regulations, all work-related email communication must be conducted exclusively through company-managed email systems. Use of personal or third-party email accounts (e.g., Gmail, Yahoo, Outlook.com, etc.) for any business communication related to Together Women’s Health is strictly prohibited.
If an email is received from a personal account, any reply will be sent only to the individual’s official Together Women’s Health email address to ensure all communication remains secure and traceable within company systems.
Scope
This policy applies to all individuals performing work on behalf of Together Women’s Health, including:
- Employees (full-time and part-time)
- Physicians and clinical staff
- Contractors and temporary personnel
- Practice partners and affiliates
- Business associates and service providers with system access
Reasons for the Policy
HIPAA Compliance: To ensure all electronic communications involving PHI are encrypted, auditable, and compliant with HIPAA security standards.
Data Security: Company-managed systems provide enhanced protections against phishing, malware, and unauthorized access.
Monitoring and Enforcement: Company systems allow for audit logging, retention, and breach detection capabilities.
Legal Protection: Proper control over communications reduces legal risk and protects patients, providers, and the organization.
Permitted Email Domains
The following are the only approved email domains for use in official Together Women’s Health communications:
@togetherwomenshealth.com
@comprehensivewomanscare.com
@eastsidegynob.com
@effinghamobgyn.com
@missionobgyn.net
@nsago.com
@nswobgyn.com
@ob-gynassociates.com
@obgassociates.com
@aestheticmedi.com
@obgynsouth.com
@paintcreekobgyn.com
@somersetgynob.com
@seug.com
@ovation-wellness.com
@alcupp.com
@westmorelandobgyn.com
@loopobgyn.com
@thewomensimagingcenter.net
@theperinatalgroup.com
@truewomenshealth.com
@wha-inc.com
@women-firstobgyn.com
@womenob.net
@wpsmms.com
@obgynalabama.com
@msob.us
@eastlakelandobgyn.com
@gyngeorgia.com
@gcobgynms.com
If you are unsure whether an email domain is approved, please contact the IT department for verification before sending any communication.
Prohibited Actions
The following are expressly forbidden:
- Sending or receiving work-related emails from non-approved personal or third-party accounts
- Auto-forwarding emails from company accounts to personal email addresses
- Using non-company accounts for any communication involving PHI, financial data, HR matters, or business operations
- Sharing credentials to company-managed email accounts
Enforcement
Violations of this policy may result in:
- Suspension or revocation of access to systems
- Disciplinary action up to and including termination of employment or contract
- Reporting of the violation to regulatory authorities, including HHS/OCR, in the event of a breach
Questions and Support
For questions, clarifications, or to report suspected violations, contact: