" ePHI Archives - Page 2 of 7 - LuxSci

Posts Tagged ‘ePHI’

HIPAA Compliance Checklist

Tuesday, January 11th, 2022

This HIPAA compliance checklist was designed to help organizations understand their obligations under the law. The checklist items are not a complete list, just a starting point for your compliance program. HIPAA requires a yearly risk analysis to identify new vulnerabilities. Any business process change or new technology usage introduces new risk into an organization’s security program, so it’s important to review the standards regularly.

hipaa compliance checklist

Read the rest of this post »

Are Prescription Notifications HIPAA-Compliant?

Tuesday, December 14th, 2021

It is common to receive calls and text messages from pharmacies reminding us that it is time to pick up or renew our prescriptions for drugs or other medical items. Have you ever wondered if these prescription notifications are HIPAA-compliant?

Just because every pharmacy seems to send them, it doesn’t mean they are aware of the compliance requirements. Let’s look into the context and learn how to remind patients of prescription refills and appointments securely.

prescription notifications hipaa compliant

Read the rest of this post »

Case Study: Securely Email Medical Laboratory Results to Patients

Tuesday, August 17th, 2021

Medical laboratories use LuxSci’s secure services to email lab test results to patients. Although medical laboratories are not always HIPAA Covered Entities themselves, they are Business Associates with hospitals and doctors who are required to abide by HIPAA. By the “transitive” nature of the HIPAA privacy laws, Business Associates must abide by HIPAA security and privacy standards, protect patient data, and ensure confidentiality.

email lab results

In order to send patients their results via email, these labs must use a HIPAA-compliant system that can send email to anyone with an email address. We work with labs to securely send Covid-19 test results, cancer screening results, and many other kinds of medical test results via email.

This post describes how one large medical lab uses LuxSci’s Secure High Volume Email sending service to safely deliver lab results to thousands of people every day.

Read the rest of this post »

Can You Send ePHI in Insecure Emails and Texts with Mutual Consent?

Tuesday, April 27th, 2021

Email and text messaging are among the most common forms of business communication. However, if you are sending ePHI, regular texts and emails are off limits! If you are subject to HIPAA regulations, you will need mutual consent from your patients before sending ePHI insecurely via these methods.

This may seem frustrating because text and email are easy and switching to a secure service can feel like a lot of work. However, when ePHI is mishandled it can have significant repercussions. Personal information can be stolen, made public, and even used in fraud.

Text messaging and normal email carry significant risks to ePHI, because they aren’t designed to be secure. While it is best to only send ePHI over secure services, there may be instances where the patient wants to communicate over these insecure methods. Because of the risks, your organization needs signed mutual consent waivers to proceed with insecure communication.

Does HIPAA Allow Mutual Consent?

Read the rest of this post »

HIPAA-Compliant Web Sites: Requirements and Best Practices

Tuesday, March 23rd, 2021

It is not easy to create a HIPAA-compliant web site and webmasters often ask us for clarification on best practices when it comes to HIPAA compliance.

We have previously discussed what makes a web page secure and also what makes a web site HIPAA-compliant, but it seems that an explainer on what you should and should not do with web sites in shared and dedicated environments would be useful to many.

hipaa compliant web site

Read the rest of this post »