The Health Insurance Portability and Accountability Act (HIPAA) applies to protected health information (PHI). When stored or transmitted electronically, the HIPAA Security and Privacy Rules require covered entities to safeguard the integrity and confidentiality of electronic protected health information (ePHI). The most common way in which ePHI is shared ... Read the complete post

Simple Mail Transfer Protocol (SMTP) is a way in which email travels across the internet. An SMTP relay is a mail server that passes on your email message to another server that can transfer your message to the intended recipient. Email providers like Gmail own and manage SMTP servers; some ... Read the complete post

HIPAA’s encryption requirements fall in a grey area. This is mainly due to two reasons:

• encryption is required when ‘deemed appropriate’, which means email encryption is not absolutely necessary and ‘mutual consent’ can be used in place of encryption.
• there are a number of ‘addressable requirements’ pertaining to the technical

Email transmission between servers has historically been extremely insecure.   A new draft internet standard called “SMTP Strict Transport Security” or “SMTP MTA STS” is aiming to help all email providers upgrade to a much more secure system for server-to-server mail transmission.    This article lays out where we ... Read the complete post

You cannot achieve overall HIPAA compliance if you don’t use a server that ensures the confidentiality, integrity and availability of your organization’s protected health information (PHI). You have the option to use a cloud server, and given the buzz around the affordability and convenience of cloud computing solutions, you ... Read the complete post