Tags: security, encryption, cryptography, initialization-vector

Using secret as IV


I have an application where sensitive data needs to be encrypted in a manner where every run produces the same encrypted values from the same inputs. The primary data type is email addresses. The encrypted values need to always be the same because they are matched for statistical analysis. Runs that produce the data will occur at regular intervals over long periods of time. This makes the choice of IV for AES encryption a bit tricky. The question is: is it acceptable to use the secret (the hash of a given password) also as the IV? Would encryption modes or padding render this insecure? I'm assuming this would not be good practice since I have never seen it suggested before, but since it would be very convenient I figured I would ask.

(Note that hashing the values is already an option in the tool. Encryption is now also being considered because the values are reversible, which makes report analysis by the customer a bit simpler.)


Solution

  • No, this is not a good option. Especially with email addresses there is a big chance that the ciphertext will be partly identical if you do. This will leak information; for instance, you can easily guess names or server addresses once those are repeated.

    If you really require deterministic encryption then you could use AES in Synthetic IV (SIV) mode. That will create a ciphertext where each bit of output is completely dependent on every bit of the input. Alternatively, if space is sparse, it is possible to use Format Preserving Encryption (FPE).


    I certainly hope that you use password hashing (e.g. bcrypt, scrypt, PBKDF2 or Argon2) to derive the key, otherwise your keys may not be as secure as you may think.