Patient identifiers to avoid when communicating with patients via email and SMS. Patients ideally need to authenticate who they are before gaining access to PHI. So if you're going to send PHI, it's best to send a secure message via a patient portal or a secure HIPAA compliant email messaging service (where a login is required). Encourage ....