The Health Insurance Portability and Accountability Act of 1996 (HIPAA) set the standard for healthcare providers in protecting sensitive patient data.

Any organization that handles protected health information (PHI) must adhere to all applicable physical, network, and process security measures. HIPAA-compliant email solutions and all aspects of email security fall under this category. But HIPAA compliance for email communications (email accounts and email services) is often viewed as a baffling subject matter.

Organizations subject to HIPAA include covered entities (any company that provides treatment, medical practices, payment, or healthcare operations) and business associates (any company with access to PHI that provides support for covered entities). Even subcontractors (i.e. business associates of business associates) must comply with HIPAA secure communications rule. These organizations and entities have to overcome all compliance challenges that may come their way, in order not to breach HIPAA rules.

What is HIPAA compliant email?

In 2000 the HIPAA Privacy Rule created for the first time a set of national standards for safeguarding certain health information. It allows covered entities to disclose PHI to a business associate if it receives assurances that the business associate will use the information only within the scope in which it was engaged by the covered entity. […]