What You Need to Know about HIPAA Compliance and Email Security


Posted on 10/23/2017






by AppRiver Guest Blog in Talkin Cloud Blog

Compliance with the Health Insurance Portability and Accountability Act--or HIPAA--often keeps healthcare professionals up at night. Indeed, there is a great deal of misunderstanding and confusion on the topic.

HIPAA requires healthcare organizations to comply with specific security, privacy and breach notification rules for the storage and transmission of protected health information (PHI), including electronic data. Healthcare professionals should have a solid knowledge of HIPAA requirements, and healthcare providers who establish their own smaller practices need to understand the regulatory framework as well. This is important when it comes to transmitting sensitive information via email.

Many healthcare organizations are concerned about a governing body initiating a HIPAA audit. However, there are many ways that practices can come under scrutiny for email-related HIPAA compliance violations. For example, an audit can originate from a patient or an orthodontist reporting an unencrypted email, or from an email server being hacked.

Email compliance requirements do not end in the doctor’s office--they extend to the practice’s technology providers as well. Healthcare organizations must ensure that these partners comply with HIPAA standards.

Practices that use consumer-grade email should upgrade to a business-class encrypted email service or make sure to obtain a Business Associates Agreement (BAA) from the email provider. BAA email certification provides a crucial validation for HIPAA auditors, demonstrating that the practice’s email provider is compliant.

Beyond just using a compliant email system, email encryption is critical--and it’s one of the most neglected aspects of HIPAA compliance. Each email must be encrypted in a way that ensures messages with a patient’s records are secure from sender to recipient.

While policies and technology solutions are critical to HIPAA compliance, the weakest link in compliance risk is not the email services or the office software; it’s the people interacting with patients. This liability can be reduced with effective staff training.

Unsecured email services, untrained staff and lax security can put confidential medical data at risk. AppRiver created a complimentary whitepaper to help healthcare providers and practice administrators secure confidential email and data. “Healthcare Security: Understanding HIPAA Compliance” provides steps for healthcare practices to assist with HIPAA compliance, reduce email-based malware attacks and provide greater privacy for their patients.


For more information, contact:

Pete Groman, President
Namorgy Network Solutions - GeekByTheWeek[TM]
pete@namorgy.com
972-454-0029
#NNSIT #ISpeakGeekDOTBIZ #GeekByTheWeek[TM]
