Healthcare compliances training and discussion blog

Posts tagged ‘HIPAA security standard’

HIPAA security standard: Selecting the Right E-mail Service.

In the present times, Internet has taken a center stage in fulfilling the communication needs of the people. The speed, ease and wide reach it provides, makes it the most favored media for communication. An email is a great communication tool of the internet and is widely used by people to communicate with their doctors or medical insurers. This involves, exchange of confidential health information. To make this exchange of information on the net, safe and secure and secure, it is necessary to adopt HIPAA security standard while selecting the right email service provider.

The prime objective is to select an email service that safely carries the health information of the patient through the net. A safe transit and storage is a basic requirement of the HIPAA security standard. There are some essential features that an email service should have and they are:

  • The email service should meet or exceed the HIPAA standards.
  • It should have the ability to encrypt and decrypt the health data transmitted. This feature protects the confidential health information from unauthorized access as it passes through the public network. As the emails are stored on server during the transit through net, the chances of unwanted intercept increase considerably and encryption provides the best defense.
  • The service should provide have a secure back up plan to safely recover the data in case of a natural or manmade calamity.
  • Provide unlimited document or email transfer and at same time protect the data integrity.
  • It should have an inbuilt security feature that automatically logs off the system after some time of inactivity.
  • Personal or entity authentication is required as it confirms the identity of the person or the entity that access the personal health information, an important requirement of HIPAA security standard.
  • The software used should be user friendly and there should be no third party involved in any form. The email service should have security provisions that inhibit unauthorized exchange of information with the third party.
  • The service should have security feature that provides feedback to the auditors about the time, place and IP nos through which the protected health information had been accessed. This helps the auditor to keep track of the health information and ensure that it is accessed by authorized people only and the safety of information has not been compromised at any stage of storage or transmission.
  • Assign unique tracking number or username that is protected by strong password to control the access of the patient health information in a safe and secure manner.

The main objective of adopting HIPAA security standard while selecting an email service is to prevent patient identity theft and protect people from financial loss due to insurance frauds.

A secure email service ensures safe passage of health information through the internet.

Jason Gaya

Read more on computer network security in healthcare at

Tag Cloud