5 Ways To Make Your Email HIPAA Compliant

Why choose wikiHow?
When you see the green expert checkmark on a wikiHow article, you know that the article has received careful review by a qualified expert. If you are on a medical article, that means that an actual doctor, nurse or other medical professional from our medical review board reviewed and approved it. Similarly, veterinarians review our pet articles, lawyers review our legal articles, and other experts review articles based on their specific areas of expertise.

How to Make Email HIPAA Compliant

Two Parts:

The Health Insurance Portability and Accountability Act (HIPAA) was passed to prevent a person’s health care information from being publicly accessible.Accordingly, HIPAA mandates that certain covered entities employ adequate processes to safeguard patient information. If you are a healthcare provider covered by HIPAA, then you will need to make sure that your email is HIPAA compliant. Unfortunately, there is no simple way for you to do this on your own. Instead, you will need to hire an email service provider who is HIPAA compliant.


Learning HIPAA Requirements

  1. Understand the fines.HIPAA includes both a Privacy Rule and a Security Rule. The Privacy Rule protects identifiable patient information, and the Security Rule sets national standards for the security of protected information in electronic form.These rules have teeth: a violation carries a maximum penalty of .5 million per violation.
  2. Read the Security Rule.The federal government requires that the electronic communication of health care information meet certain safety and privacy requirements. These requirements are complex. To make an email HIPAA compliant, you need to make sure that you employ sufficient safeguards to ensure the integrity, security, and confidentiality of the electronic information.
    • You can read the Security Rule by visiting the Health and Human Services website at . Links are provided to the relevant statutory text.
    • You can also read the regulatory text at . This document will contain all of the regulations which have been enacted to implement the HIPAA statute.
    • This information is highly technical and hard for a non-expert to understand. You should meet with a health care attorney to discuss your requirements with respect to email security.
  3. Meet with a lawyer.An experienced health care attorney should be able to help you understand the legal requirements and also find ways for you to make your email system compliant. You will want to meet with a lawyer who specializes in health care law especially.
    • To find a health care attorney, visit your state’s bar association. It should have links to referral programs (or host a referral program itself). Once at the website, you will be provided with a phone number to call or a directory that you can search.

Ensuring Your Email is HIPAA Compliant

  1. Research HIPAA Compliant Email Service Providers.The technical requirements are so complicated that, unless you are an expert in information systems, you will need to hire a HIPAA Compliant Email Service Provider to provide your email system. Free, web-based email services like Yahoo and Gmail are not sufficient email systems.In fact, they provide no security. To find a compliant service provider, you can do the following:
    • Talk with your health care attorney. He or she should be familiar with HIPAA Compliant Email Service Providers.
    • Search the Internet. Several companies advertise their services on the Internet. Search “hipaa compliant email.”
  2. Contact HIPAA Compliant Email Service Providers.Once you have the names of email service providers, you should look at the companies’ websites and see if they look professional. Then call a company and ask if it can give you referrals. You should also ask about the services that they provide. A HIPAA Compliant Email Service Provider should:
    • Limit access to the electronic information. The email service provider should keep its servers in a secure location, accessible only by authorized personnel.
    • Audit who accesses the information. The service provider should be able to track who accesses the information in the system. An adequate security log should track the user who accessed the information, the day and time it was accessed, and who the information was sent to.
    • Secure email transmissions. A service provider should also adequately secure all email transmissions using encryption and other techniques.
  3. Get patient consent.Regardless of the service provider you use, you must always get a patient’s consent for transmitting health care information electronically. Sometimes a patient will send you information by email, but you shouldn’t assume that this means the patient consents to receiving information electronically.
    • Instead, you should have patients sign a Contact Sheet. In this form, the patient will tell you how they prefer to be contacted. You should have current patients sign one and make sure that all new patients sign one on their first visit.
  4. Use encryption.According to Health and Human Services, encryption is not mandatory unless, after a risk assessment, it is found to be an appropriate safeguard.In practice, however, this means that you will almost always need to encrypt emails and attachments.
    • Encryption is a technique which converts the original text into encoded text.It is a way to secure information in case it is intercepted by a third party.
    • Your HIPAA Compliant Email Service Provider should explain to you its techniques for encrypting communications.
  5. Retain records.HIPAA requires that you preserve emails for up to six years. This is called the “Six-Year Retention Rule.” Your email service provider should be able to warrant that it will hold onto the emails for this length of time.
  6. Don’t use email, if necessary.You might find that the compliance costs for sending patient health information legally is beyond your budget. If so, you always have the option of not sending this information electronically.
    • Instead, you could require patients to come into the office to pick up health care information.

Community Q&A

Ask a Question
200 characters left
Include your email address to get a message when this question is answered.
  • You are encouraged to work with email experts who understand how to adequately secure electronic communications. You might search the web to try and find out how to encrypt your emails yourself. You should be aware that these techniques might not always work, and you could be legally fined if information is intercepted.

Video: HIPAA Compliant Email - Virtru

How to Make Email HIPAA Compliant
How to Make Email HIPAA Compliant images

2019 year
2019 year - How to Make Email HIPAA Compliant pictures

How to Make Email HIPAA Compliant forecast
How to Make Email HIPAA Compliant forecasting photo

How to Make Email HIPAA Compliant pics
How to Make Email HIPAA Compliant pics

How to Make Email HIPAA Compliant How to Make Email HIPAA Compliant new images
How to Make Email HIPAA Compliant new pictures

foto How to Make Email HIPAA Compliant
foto How to Make Email HIPAA Compliant

Watch How to Make Email HIPAA Compliant video
Watch How to Make Email HIPAA Compliant video

Forum on this topic: How to Make Email HIPAA Compliant, how-to-make-email-hipaa-compliant/
Forum on this topic: How to Make Email HIPAA Compliant, how-to-make-email-hipaa-compliant/ , how-to-make-email-hipaa-compliant/

Related News

Going Back to School With MS: Saras Story
7 Ways To Make Overnight Oats Way, Way Better
During the race, dont let nerves get the best of you
Have Celebrities Warped Our Beliefs About Getting Pregnant
Time Management for Adults With ADHD
8 Things To Do With Chia Seeds
3 Ways to Force a Burp
How to Treat Low Testosterone
Princess Charlotte Will Be a Bridesmaid at Princess Eugenies Wedding
Greek Salad
How to Get Help from a College Advisor
Stylish Printed T-Shirts For Girls
Oatmeal Chocolate Breakfast Muffins
Whats for Dinner at The White House
How to Bookmark a Page in Mozilla Firefox

Date: 09.12.2018, 23:21 / Views: 71472