1. Go to Messages > Compose or click on click on Compose on the right side of your screen from you Inbox tab.
2. In the "From:" field of the Compose page, click on the drop-down menu that displays your email address.
3. Select your user+ address from the list, which should look something like "user+0123456@meruscase.net."
4. Continue composing your message as you normally would.

Now that you know how to send a HIPAA-compliant message, you might be asking yourself, what's a user+ account and what exactly does it do?

When you send an email from your user+ account in MerusCase, it prompts the receiver to sign into the MerusCase system in order to securely access the message and any attachments from your email, as you can see in the screenshot, below. Additionally, if the receiver of your email doesn't have a MerusCase account, they'll also be asked to create an account before they can access your message. In other words, non-Merus case users will activate a client portal in order to view any information you have sent them, such as messages or invoices.

Sending and receiving messages exclusively through MerusCase allows us to keep your message, and all related information, encrypted on our servers. Alternatively, when you send an email without using your user+ account from MerusCase to an @gmail.com or other email account address, the message is then transferred from our severs to the servers of the receiver's email provider. When your data changes servers, we no longer have control over how and when that data is accessed. That said, by keeping the message solely on our servers, we can ensure that your message data remains completely encrypted and inaccessible by potentially ominous forces.

For more information on HIPAA and how it affects the work we do at MerusCase, feel free to take a peek at our White Paper, The HIPAA Final Omnibus Rule: New Changes Impacting Business Associates!