If you are subject to HIPAA regulations think twice before sending off that marketing email blast to your customers. If your emails contain ePHI, stop and make sure you are using a HIPAA compliant email marketing automation platform before sending. Not all email marketing platforms were designed with HIPAA marketing in mind. In fact, it […]
You’ve just been told that your email marketing program is putting your company at risk of violating HIPAA. What now? If you want to continuing using email to communicate with patients, you must implement HIPAA-compliant email marketing. Start by breaking down that goal into two components: becoming HIPAA compliant and achieving your HIPAA marketing objectives. […]
Customers often inquire if email archival is required by HIPAA regulations in order to have HIPAA compliant email. There is a great deal of confusion and uncertainty here because: HIPAA lists many requirements but does not provide specific instructions on implementing them. It’s ambiguous but provides a great deal of flexibility for organizations. HIPAA email […]
If your organization collects, stores or processes electronic protected health information (ePHI) it will need a clear understanding of business associate agreements (BAAs). This also applies to businesses that process ePHI on behalf of other organizations. Each business associate agreement stipulates how a company will share its ePHI with the respective business associate, and where […]
To meet HIPAA email compliant requirements for secure email transmission, the level of SSL/TLS (Secure Sockets Layer / Transport Layer Security) used must ensure the confidentiality and integrity of Protected Health Information (PHI) in transit. What Does HIPAA Says about TLS and SSL HIPAA doesn’t specify exact SSL/TLS versions, but industry standards — including NIST (National […]
