Last updated June 30, 2017. The Health Insurance Portability and Accountability Act (HIPAA), sets the standard for protecting sensitive patient data. Any organization dealing with electronic Personal Health Information (ePHI) must ensure that all the required physical, network, and process security measures are in place and followed. This of course includes HIPAA compliant email.
- Organizations include Covered Entities(anyone who provides treatment, payment and operations in healthcare) and Business Associates (anyone with access to patient information and provides support in treatment, payment or operations). This also includes making sure you have HIPAA compliant email baked in when it comes to your email service provider.
- Even subcontractors, or business associates of business associates, must also be in compliance.