Published on June 1, 2017
Covered entities are required to comply with HIPAA. “Covered entities” are defined as health plans, health care clearinghouses and health care providers who electronically transmit health information for which the Department of Health and Human Services has adopted standards. As a healthcare practitioner you are a covered entity.
HIPAA stipulates that covered entities are required to implement technical safeguards for the “electronic protected health information” of their clients and patients. These technical safeguards can be implemented by using a service provider such as Hushmail that will encrypt your email.
The actual language, in section 164.306 of the U.S. Code of Federal Regulations, states that covered entities and business associates must:
Ensure the confidentiality, integrity, and availability of all electronic protected health information the covered entity or business associate creates, receives, maintains, or transmits.
While HIPAA doesn't specify exactly what safeguards are required, protecting email is a top priority, since it is the main method of electronic communication in use today, embraced by healthcare practitioners, plans, providers and patients. The Department of Health and Human Services website is a useful resource for additional information.
Hushmail has been designed to support healthcare providers in their efforts to be HIPAA-compliant. One of the primary ways we do that is by providing a secure, encrypted email service, to help you safeguard client or patient information you transmit, receive and maintain.
With Hushmail, any emails you send to another Hushmail user are automatically encrypted. Sending an encrypted email to someone who does not use Hushmail is as easy as checking the Encryption box as you’re typing an email, then choosing a secret question and answer for the recipient to fill in. Whether you’re using webmail or our iPhone app, the process is equally simple. When the recipient receives your email, they are taken to a secure website where they can read your message, download any attachments and respond with a secure, encrypted email of their own.
It’s worth noting that while Hushmail makes it possible to encrypt emails, it is up to our customers to add encryption to messages containing personal healthcare information. But Hushmail makes it easy.
Our Hushmail for Healthcare plans come configured for HIPAA compliance right out of the box. Learn more about how our healthcare plans can help you be HIPAA compliant.