Does encrypted email satisfy HIPAA?
Secure patient communication is a vital concern for health professionals nationwide. As the industry continues to move towards secure electronic communication methods many dental professionals are worried about maintaining HIPAA-compliant patient communications.
I get calls every day from professionals that are under the impression that simply using email encryption software makes them HIPAA-compliant. This is a false impression.
This week, I conducted a podcast with Brightsquid CEO Rohit Joshi, who is also a licensed attorney, to discuss the secure transfer of patient information and what it takes to be HIPAA complainant in this arena. HIPAA compliance goes beyond the simple use of encryption software. Email encryption helps prevent a message from being read along the way to its recipient. But this alone does not align with HIPAA Compliance.
There is a whole list of requirements practices must follow in order to be HIPAA compliant with their electronic communications. And there are a number of companies, including BrightSquid, that provide services supporting these requirements
The bottom line is, encrypted emails alone do not support full HIPAA compliance, and dental practices that do not take every step to secure this information may be opening themselves up to HIPAA violations.