Probably not. The transmission security standards in the HIPAA Security Rule still apply, and it will rarely be reasonable or appropriate to send PHI over unencrypted channels when safer options exist, such as in-app messaging. HHS has been clear that sending an individual their own PHI is one of the rare exceptions. Again, consult an attorney if you have specific legal questions.
Updated over 1 year ago