[symple_background background_image=”” background_color=”” color=”black” background_position=”center top” background_repeat=”repeat” padding_bottom=”20px” ]
[symple_box color=”white” fade_in=”false” float=”center” text_align=”left” width=””]
HIPAA Compliant Email. The Health Insurance Portability and Accountability Act (HIPAA), sets the standard for protecting sensitive patient data. Any organization dealing with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
Email in general is not secure. Most people don’t realize there really is no way to know that the person receiving the email you sent is who you intended. This is especially so in companies whose messaging system is controlled through an IT department. Oftentimes companies have an email policy in place informing employees that they should expect no privacy as it relates to using the company’s email or Internet systems. So, those people handling sensitive information, including discussing diagnoses and treatments for patients, need to be aware that general email has no guarantee of privacy.
We are summarizing here, but generally HIPAA requires three things when it comes to email:
If you choose to use a third-party agency to encrypt emails and protect your data, here are a few HIPAA compliant recommendations: