+ 0 Votes Block away! NickNielsen Moderator 7 years ago ...the organization has no way to track and ensure compliance. Sounds eminently reasonable to me. My current client stictly controls Internet access and completely blocks internet mail for exactly that reason. + 0 Votes Thanks guys uberg33k50 7 years ago Thanks for the replies. I hve a meeting tomorrow morning with the President of the company. She wants to know why we think this is necessary. She is against it because she thinks it is aimed more at controling the staff than security. + 0 Votes All Internet Mail Capable Sites Tig2 7 years ago By HIPPA best practise should be blocked. There has even been discussion around whether ALL employees in an organisation need to have an email account. Believe me, you will get a lot of flack for this move. Be ready with some new security training. Another move that works well in conjunction is to disable USB Flash drives and synchronisation with any non issued devices- Blackberries, PDAs, etc as this is another way that your PHI information is capable of making it out of the organisation and into the wild. And of course, no document storage on the C: drive.