Setting up HIPAA email in openemr

tried now 587, not working…!

Okay it works! I didn’t have the Allow Email set to yes in demographics choices! So check that.
We should show an error in dialog or when clicking reset or create for this! It should be in documentation to set this though.

it is YES on allow patient Email from choices, when I click on reset to give a new set of credentials to send it does not give any error flags, just it does not send the email?

Don’t know what to say. Check your Notification setting ensure using correct credentials from sendgrid setup or the SMTP test from account set up. Trusted email set etc.

I did all that, even with app password from gmail with key , did not work, is there any error log for that operation that can catch this and where if so?

My set up is openemr on Ubuntu inside VBox, hosted on desktop windows 10, port 587 is open on VBox and on my router/wifi .

Looks like we check for the patient email address and not trusted for this. I’d set both. I think trusted is used in portal register.
If all setting mentioned are set and SMTP mailer fails then it will give error in php error log.

What is the path to the error log file? where to look?

So I just had to set this up this morning to test out email notifications for a module I’m building.

You need to make sure you fill out the following settings in the Config → Notifications screen:

  • Patient Reminder Sender Name
  • Patient Reminder Sender Email (the email address that is used for sending the credentials email, your mail provider may require this be a valid, verified email address before you can send mail with it).
  • Notification Email Address (usually the same as the Patient Reminder Sender Email but can be different, should be verified if your mail provider requires it).
  • Email Transport Method (typically SMTP)
  • SMTP Server Hostname
  • SMTP Server Port Number (this is usually 587 if your mail server is using TLS, 993 if using SSL, or 25 if using neither, or something else if they use a custom port number).
  • SMTP User for Authentication (the user to login to your mail server)
  • SMTP Password for Authentication
  • SMTP Security Protocol (this is typically TLS but older systems could have SSL, for HIPAA compliance unless you have some kind of mail relay before leaving your network this should NEVER be NONE).

I use mailgun and I know that this is all working in the latest OpenEMR codebase if you have all the fields setup. Errors show up in your Apache/NGINX/hosting provider’s php error log. The error log depends on how you installed OpenEMR but for linux apache systems is usually in /var/log/apache2/error.log file.

1 Like

it is possible that my culprit in my setup:

It is Ubuntu in VBox , and my server is accessed from my local network http://IP_Address/openemr

In that case my router could change the IP periodically and verification is not done as you noted in your reply for the emails, I need to set up either VPN of fixed IP address ( may be Duckdns.org - I am not sure how safe that is with Openemr - ), verify /authenticate emails and try again.

Also need to ensure that the SMTP ports are forwarded correctly from your VirtualBox VM network interface to the host. Edit: I see you mentioned that 587 is open on VirtualBox, so perhaps disregard, but ensure it’s forwarded to 587 on the host as well, if using a NAT virtual network interface.

For virtualBox, I think the best thing is to configure the network in bridge mode and put a static IP to the VM with the DNS that your LAN network requires

1 Like

What I ultimately would like to do for production is lock my openemr inside the VBox, opening the port only to 445 for HTTPS, and exposing to the outside the necessary minimal ( X12 to and from clearing house, Weno for Rx, PP ) with minimal risk of exposing my database to attacks, any kind of diagram of how the structure can be for that setup?

For the patient portal per se , I have static website hosted on AWS that has no connection to my DB, on it there is a contact form, from it I get notifications of whoever wants to book appointments and I can communicate with them away from the DB, then I can sent the portal link to that particular patient ( Risk) , for Weno, x12 , I think it should be less risk of exposure within my limited means and resources.

If you want to send email from openemr you must also have port 587 (SMTP) open along with a TLS encryption. It’s very safe. I don’t understand how you want to make the connection in different DBs of the patient portal with your openemr in VBox. Through API? By the way, I have sent you email with an example of 2 SMTP configurations using your ISP’s mail server.

my static website on AWS is sending the contact form through API/Lambda and that is saving me a lot instead of PHP and dynamic site hosting on AWS, yes I would like to use API/Lambda to access the openemr/portal folder only.

I did receive the notification of this post but I did not receive the email you are referring to, just in case I looked spam folder too.

Why this print screen I am getting :


Does not have a URL that patient can click like this one on the guide for PP from wiki:

I am making a progress,
My router’s IP address ( no domain yet)
I forwarded TLS port ( opened the traffic from outside to the hosting computer)
USED my SMTP on AWS
Was able to send email to patient,
I am getting in the email notification :

http://localhost/openemr/apis/default/fhir

What to do next, did not pass the IP to the API to patient’s email

on setup I put {router IP ADDRESS} /openemr/portal in the portal setting
Still in testing phase and once production will HTTPS with certs and domain