HIPAA-Compliant Messages


Built into MerusCase is the ability to send HIPAA-compliant emails. Every MerusCase user is assigned a special meruscase.net email account which is formatted as user+#####@meruscase.net. This is referred to as your User + (plus) email account.

All emails sent from this email address will prompt the recipient to log in to a free MerusCase Email-only account in order to access any email attachments. This is useful for sending documents with an extra layer of security.

Sending and receiving messages exclusively through MerusCase allows us to keep your message, and all related information, encrypted on our servers. Alternatively, when you send an email without using your user+ account from MerusCase to an @gmail.com or other email account address, the message is then transferred from our servers to the servers of the recipient’s email provider. When your data changes servers, we no longer have control over how and when that data is accessed. That said, by keeping the message solely on our servers, we can ensure that your message data remains completely encrypted and inaccessible to malicious forces.

Sending a HIPAA-Compliant Message

Sending a HIPAA-compliant email message is very similar to sending a regular email message through MerusCase. The only difference is that you need to send the message from your user+ email address.

Note

If you do not already have your outbound email account setup with Merus, the From address will default to your user+ account.
  1. Navigate to the Messages area, then click Compose. This is no different than how you would usually compose a message.

  2. In the From field of the Compose panel, select your User+ address from the list. It will look something like “user+#####@meruscase.net”.

  3. Compose and send your message as normal.

When the recipient gets the message, they will be given a link to create their free MerusCase account. This account will only give them access to the documents you have sent to them. Every message sent to the user will prompt them to log in, but they will only need to create the account once. They will be able to log in with their credentials to retrieve any future messages.

Below is an example of what a recipient will see:

User Plus