Dangers of Free Email Services
Email is still the most used platform for formal communications. Businesses still rely heavily on this means to receive customer complaints and to send out service and billing information. Free email services are convenient and easy for personal use. However, businesses, especially those that handle large amounts of sensitive customer data, need to be more careful with their email security.
Healthcare is one such sector that needs to have strong safeguards in place to protect customer data. Using a free email service is fraught with risks and not recommended for companies dealing with PHI. Here we discuss the dangers of using free email services and why companies should rethink this strategy.
Lack of support: Most free email service providers are large companies like Google and Yahoo. These companies deal with millions of customers and don’t have the workforce to offer quality customer support to every user on a priority basis. If you as a business require immediate help with your email services, there is no guarantee that your issue will be resolved in a hurry, if at all. This is a drawback that very little can be done about because of the sheer volume of customer complaints big companies are dealing with and the marginal revenue that free email provides to support quality support people. However, for your business, even a delay of 24-hours to get your systems back on track could spell disaster, causing you to lose valuable time, money, and even customers.
Lack of accountability: Let’s say for example, that your email services shut down and you were unable to get customer service to look into it. In the meantime, a few inquiries came in from potential clients that you could not access because of the system problems. You lost out on valuable business because of the technical snag. These setbacks affect small businesses even more as they depend on every new customer to stay afloat. After all that is said and done, you just have to cut your losses and move on because, with a free email provider, there is no one you can hold accountable for your loss of business or quality of service. You can make complaints, but no real action will be taken against any department because they already have too much going on at their end and they also have no service level agreements with you. Unfortunately for you, this lack of accountability means that technical glitches could happen over and over again before the problem is effectively solved.
Lack of features: Email archival and added security measures like email encryption are usually reserved for paid email services. It does not appear that free email service providers will be providing these features anytime in the near future. As a business, you risk security breaches and loss of data.
Not HIPAA compliant or eligible for a BAA: If you are a company that provides healthcare, you are required by law to ensure that your email services are compliant with the Health Insurance Portability and Accountability Act (HIPAA). To be HIPAA compliant, you need to obtain a signed Business Associate Agreement (BAA) with your service provider. Free email service providers will not enter into BAAs with customers due to the increased technical and administrative requirements; there is no reason for them to take on additional risk and staff effort for free accounts. Many small healthcare companies allow the use of free emails services because they are …. free. However, this places such organizations at immediate risk of HIPAA non-compliance and breach.
Possible lack of business/corporate features: Free email services were developed with individual users in mind. While many features have been added to free services over the course of time, most free email services still fall short when it comes to business and/or corporate features that help to manage many people. For example, if you have a newsletter or would like to inform your customers about blog updates, new products, etc., a high volume bulk mailing service is extremely useful. This feature is lacking in most free email services. Other items often lacking in free services, other than email encryption and archival, are those for setting policies across users, getting reports on user activity, and imposing audit, access control, and password requirements.
Monitoring and monetizing: If you are not paying for the email service, then an advertiser is. When advertisers get involved then there is a very high possibility that the following may be happening:
- Emails may be scanned for information that is saved and analyzed by the advertiser.
- You may not be given control over the ads that get displayed in your emails.
- Malware could be injected into these advertisements and infect your computer.
- You have been losing control over your privacy and over what happens to your data and who has access to it.
Free email services pose a serious risk to the data security of any company; businesses, especially those dealing with PHI, should consider a more secure option.
Want to discuss how LuxSci’s HIPAA-Compliant Email Solutions can help your organization? Interested in more information about “smart hosting” your email from Microsoft to LuxSci for HIPAA compliance? Contact Us
- None Found