Sending medical photos by email and text is widespread, but it should not be happening! Email is inherently insecure. Unless you are using a special email encryption service, information is not encrypted. Email is like sending a postcard. Any number of people can view it along the way.
Email is usually sent in plain text from your computer or smartphone, through your Internet Service Provider, to an email server. It is then ordinarily sent unencrypted to the recipient's email server where the computer or smartphone of the recipient fetches it via their Internet Service Provider. Some emails will be encrypted when sent from one email server to another if the sender and recipient are both using the same email provider. Some special email encryption products encrypt messages before they leave your computer and then decrypt them at the recipient's end. This process is known as end-to-end encryption. Although more secure, it is inconvenient, requiring both the sender and recipient to be using the same system. Further, the same server that stores the data often stores the keys used to encrypt and decrypt messages. That is like storing the keys right next to the padlock.
So what options do we have?