LuxSci

Manage HIPAA-Compliant and non-Compliant Domains with One Account!

Published: April 22nd, 2011

LuxSci has introduced a number of per-domain security features that allow us to offer accounts that contain both HIPAA-complaint domains and non-compliant domains.

Previously, customers could order such a combination of domains, but they were segregated into completely separate accounts.  These new security features benefit our customers because:

  • The overall cost is reduced
  • Administration and payment are simplified
  • Sharing of email folders, workspaces, contacts, calendars, tasks and other objects from non-compliant users to HIPAA-compliant users is permissible and easy.

Tell me more!

“Per-domain” HIPAA accounts have some domains designated as “HIPAA complaint” and others “not”.

Users in HIPAA-complaint domains are required to send ALL outbound email securely using SecureLine outbound email encryption — no exceptions.  Users in non-compliant domains (who will not be using or interacting with ePHI at all) are not required to send encrypted email.

All users, compliant and non-compliant, must:

  • Have strong passwords
  • Use SSL/TLS for connecting securely to LuxSci for all services
  • Have a short (20 minute) WebMail session timeout
  • Use other standard “good security” settings.

How to Get Started?

New customers can choose between the old style of “account-wide” HIPAA (where all users and all domains are locked down and compliant) and the new “per-domain” HIPAA when ordering.

Existing customers can convert existing “account-wide” HIPAA accounts to “per-domain” accounts by signing a new HIPAA agreement.  There is a small fee for migrating domains and users from an existing account to another.

Leave a Comment


You must be connected or logged in to post a comment. This is to reduce spam comments.

If you have not previously commented, you can connect using existing social media account, or register with a new username and password.