GDPR emailing invoices and letters


Hi there to the developers

With the onset of the new GDPR laws coming into effect soon, what changes will you be making to direct emails for invoicing as well as Doctor’s letters containing both personal and sensitive data?

Kind Regards

Emailing letters securely

Really interested to hear more about this - ICO confirmed that we should not be sending letters to gps & invoices to insurance companies without encryption- and we were told today you have no direct plans to have encryption- which really causes us a major problem as one of our main reason to have Cliniko is to send invoices :thinking:


Hi @janineenoch and @Marty,

We send emails with TLS enabled for all emails (so we attempt to send them encrypted). The problem is not all receiving mail servers support encryption. If the receiving mail server doesn’t support encryption, it will fall back to TLS not being used, and the email not being encrypted.

To be clear, we follow best practice and attempt to send every email with encryption, we just can’t guarantee that will be what happens, as we are at the mercy of the receiver.

If you are sending personal/sensitive information that must be encrypted, you would be safest to not use email. I guess you still could if the recipient had TLS enabled. It would be risky though.

Does that answer your question?



The issue with us is that most insurance companies want personal info on invoices so every invoice will contain personal / sensitive info - it will be really difficult to contact every company to see if they are Tls encrypted/ enabled … so from a tech point of view I’m not sure if this will or won’t be compliant with gdpr

I don’t get why they see sending letters is seen as safer / confedential …


There is a difference between sensitive and personal information. According to a GDPR expert I spoke to you can send invoices unencrypted as it is financial. The issue is with clinic letters and medical reports, and how they are sent out. Sending them through TLS in the hope that the recipient has TLS will not cut it with the ICO. To get around this with Cliniko, I type and send my letters outside of cliniko using egress linked to my outlook then drop the letter into the patient file. What would be nice is if cliniko could somehow attach the letter to an email in my outlook so that I can send it with egress encryption.

Mailing letters is deemed as safe as it is illegal to open mail addressed to a third party but they have advised that large amounts of sensitive information be sent by recorded delivery.


Would it not be possible to have secure email network within cliniko- i.e were people we our sending invoices or letters to have download - register to access the email similar to what we do when we send via external secure mail- I really think this is a must - otherwise we cant use cliniko as it was meant for- the whole idea of downloading leters and invoices to then send via seprate secure email forum is too tie consuming


Cliniko should add Argus or Healthlink support to enable secure transmission of sensitive clinical data to and from other health providers. These 2 are the ones used in other medical software to be compliant. Healthlink allows users to also send and receive with Argus users, so is a better cost effective secured messaging service for transfers of sensitive clinical information.

This is how the majority if medical practices do it in Australia, linked in with their medical software, allows secured messaging service of confidential sensitive information.


Another option, maybe, would be to add something like virtru ( which sends a link to the recipient who authenticates using their email address, i.e. you click on the link in the email, which takes you to a site where you choose your email address. Once you’ve done that, Virtru sends a download link to that email address. It’s not perfect in terms of security, but it’s very simple to use and encrypted. I use it to delivery my invoices, but would of course prefer something built in to Clinico.


Can we have some clarification please- if emailing invoices or client letters to a insurer/ GP and they can confirm they have secure email (?server) is sending off cliniko which TLS encrypted technically as safe/ secure as using secure email. I just want to clarify before I contact insurance companies to make argument that it seems like be just an excessive administrative task to have to download every invoice onto pc/laptop to then attach to secure email such egress …instead of using cliniko software as its suppose to be used for. Thanks in advance


Below are not my words, but from a very reputable business in the health sector, who has spent a vast amount of money ticking the GDRP boxes.

"Security issues and email

There is some considerable confusion with regard to security of sending information by email.

In discussing this with GDPR trainers/experts, we have been advised that email service providers, such as Gmail, Hotmail, btinternet etc, are GDPR compliant which means that the content of emails is encrypted from user to user i.e. from Our Service to you and from you back to us. Therefore, there is no requirement for emails to be password protected or ‘psuedominised’. This is the same for attachments to emails.

There is also some question regarding the inclusion of personal details in the subject heading of emails, i.e. the client’s name rather than simply a reference number. There is no clear guidance available on this, with many companies taking a different stance. Whilst we have been advised that there are benefits in removing the client’s name from an email subject heading, this is simply to provide ‘evidence’ to others that we are taking steps with regard to accountability and not a required policy by GDPR.

We have discussed this together in some detail, as well as seeking professional advice, and have decided that we will continue to send emails with our client’s name and reference number as we consider the dangers of not doing so outweigh the benefits of anonymising emails. We are greatly concerned that sending anonymised emails may result in accidental errors in client identification, which in turn could result in inaccurate information being forwarded or errors in instruction, which we consider would be highly distressing for clients."


Cheers , very helpful