hipaa Archives - Page 18 of 21 - LuxSci

Posts Tagged ‘hipaa’

Case Study: LuxSci SecureForm and Ink Signatures Eliminate Downloading, Printing, Signing, and Faxing of Contracts

Friday, January 31st, 2014

For legal reasons, LuxSci’s HIPAA customers must physically sign a “Business Associate Agreement” and return it to us. While this is a simple and commonplace request, it creates a lot of busy work for the customer and LuxSci!

The customer might have to

  1. Download the file
  2. Print out the 19 pages
  3. Sign the agreement
  4. Fax back all pages, or scan them and return them electronically

Then, LuxSci might have to

  1. Locate the document
  2. Sort out faxes that are in the wrong order, upside down, blank, or missing pages
  3. Figure out who sent the document
  4. Verify that pages are not missing or changed
  5. Counter-sign the document and attach it to the customer account
  6. Contact customers who have not sent in their documents correctly or at all, which is crucial to the HIPAA certification process

Multiplied by many customers, this creates a lot of unproductive busy work for everyone, which costs money and time.

To simplify this process, LuxSci uses its own SecureForm and Ink Signatures technologies so that customers can submit signed contracts in a snap, eliminating most of the busy work LuxSci itself has to do to manage the process.

In this post, we describe how both technologies work.

Read the rest of this post »

HIPAA Compliant Emails Sent From your Web Site: Best Practices

Tuesday, January 7th, 2014

You buy a HIPAA compliant web hosting infrastructure.  You configure your web site to send out email messages in the simplest way, e.g. through PHP mail, or some other generic and standard mechanism.  You think you are all set — but you are not.

HIPAA compliant web hosting services provide a server infrastructure that allows you to be compliant; however, they do not make you compliant. Your web designers must make choices and program your site so that it properly respects ePHI. If they do not do all the appropriate things, you will be out of compliance. E.g. see: 7 steps to make your web site HIPAA-secure.

In particular, email messages sent in the “normal way” from a web site will go out insecurely in a way that will violate the HIPAA Security Rule if they contain ePHI of any kind.  E.g. they will not be encrypted and will not be archived.

Read the rest of this post »

Who does not support SMTP TLS for Secure Inbound Email Delivery?

Thursday, November 7th, 2013

We are frequently asked who supports TLS to secure inbound email delivery. This is especially important for customers who need to be HIPAA-compliant, as email transport encryption over TLS is sufficient for HIPAA-compliant communications to end-users, so long as the TLS is configured to be sufficiently strong.

While it is possible to tell who supports TLS, it is somewhat technical to do it yourself. So, we have assembled a table with many of the most popular free and public email domains in use across the internet. We indicate which of them currently (as of July 8, 2022) support SMTP TLS for inbound email.

The results are surprising. A majority of domains these days do support TLS. With Microsoft’s recent TLS implementation on its email domains (hotmail.com/live.com/outlook.com), this rounds out consistent TLS support (for inbound delivery; outbound may or may not be supported) for all of the most popular free email providers (e.g., aol.com, gmail.com, yahoo.com, hotmail.com).

Note: lists below have been updated as of 7/8/22.

Read the rest of this post »

HIPAA Compliance is Needed for Emailed Appointment Reminders

Friday, September 20th, 2013

Twice in the past few weeks I have received appointment reminders or scheduling information from doctors via email — via insecure, non-HIPAA-compliant email.

An email message contains identifying information: my email address and my name. The appointment email messages also contain information about “the past, present, or future provisioning of health care to an individual” … me! Taken together, this means that these email messages are ePHI (more details – what is ePHI?) and needed to be secured in a HIPAA compliant manner.

That they were not compliant was obvious to me:

Read the rest of this post »

High Security Dedicated Cloud Servers at Low Price

Thursday, August 1st, 2013

New LuxSci dedicated cloud servers start at $100/mo. This allows many more customers to take advantage of dedicated solutions, even a HIPAA-compliant one, without a big price tag.

See also Understanding Cloud Servers.

LuxSci has for a long time offered both dedicated physical servers and dedicated virtual private servers located in our private cloud. Now that we have signed HIPAA Business Associate Agreements with Rackspace for their public cloud infrastructure, we are able to offer dedicated virtual private servers that reside there … to all customers: those with compliance needs and those without. The ease of public cloud server management and the low underlying cost of these solutions enable LuxSci to provide its services on them to its customers at a much lower price point than was previously possible.

Read the rest of this post »