|
 HIPAA
COMPLIANT
EMAIL
Our secure communication services enable
hospitals and physician services across the country to secure their email
communications to partners, departments, and individuals over open networks
easily and affordably. Physician offices will now be ably to securely
communicate with both hospitals and patients, speeding the access to needed
patient data and enabling users to meet HIPAA requirements while continuing to
use their existing email client. Users can access secure email messages at the
desktop and can be sent to any valid email address.
Our subscription-based secure email uses proven strong
cryptography to protect your email messages. You can
encrypt your outgoing messages so that only the intended
recipients can decrypt and read the message. You can also
digitally sign your outgoing messages so that the
recipients can be assured that you actually sent the
message.
HIPAA
regulations are specific about the end result required if you use email - health
information sent via electronic means must be protected against unauthorized
access. However, the regulations are less specific about the technologies to be
used to accomplish this. No particular technology is required, so a wide variety
of options have emerged, including closed networks, virtual private networks and
various types of encryption services. Choosing among these alternatives is a
matter of your properly informed business judgment, based on your particular
circumstances, resources and needs.
EmedSafe - Affordable and Reliable Solutions
-
Ensures privacy by allowing
information to be sent securely to any email address, regardless of platform
or software
-
Is consistent with HIPAA
requirements for protection of PHI in electronic communications by providing
prudent safeguards
-
Works universally with all of the
individuals and entities you communicate with
-
Ensures messages arrive unaltered
and can only be opened by the intended recipient
-
Causes no disruption to operations
and works seamlessly with your existing email software
-
Is inexpensive and easy to use
-
Will grow with you as your
business grows
-
Helps you to develop your risk
assessment and provides a process for identifying and addressing your security
risks
Common misconceptions regarding e-mail sent through
'normal' channels:
-
Emails
can be deleted.
False. By using utilities or
by checking recipients' workstations, they can very
often be recovered. Most messages are also archived by
ISPs.
-
Emails
get "lost" among the millions being sent around the
Internet.
False. Sophisticated search
tools, such as the FBI's Carnivore program, let their
users find almost any email sent through 'normal' means.
-
Emails
go to the people you address them to.
False. Emails are often distributed broadly to
people you might not even know because of forwarding.
-
Comments
made in email aren't that powerful.
False. Even if unintended by the author, certain
comments or idle remarks can be perceived as threats or
harassment. For example, referring to a coworker as a
"dinosaur" can become the basis for an age
discrimination lawsuit.
-
You can
send emails from work in a personal capacity.
False. When sent over company systems, the law
recognizes emails as official company communications
regardless of the content. Potential exposure is created
each time an employee uses corporate email to send
personal messages to friends.
-
Private
email messages are private. False.
Emails can be accessed as part of an investigation and
create liability for individuals and businesses.
-
Your identity
is protected through email communications.
False. Using normal email, it is
extremely easy to duplicate someone's identity for the
purpose of sending fraudulent email messages, and equally
easy for authorities to determine your identity.
Encryption technology and HIPAA email
The
Security Regulations do not state that email encryption is mandatory, but do
specify that encryption is an "addressable specification" for controlling access
to PHI. An "addressable specification" is a safeguard which is not required, but
which must be considered, and implemented if it is a reasonable and appropriate
safeguard. If a decision is made not to implement an addressable specification,
the organization must "document why it would not be reasonable and appropriate
to implement" and "implement an equivalent alternative measure if reasonable and
appropriate." Encryption is usually the most prudent method other than
developing and deploying your own closed network environment.
Encryption technology and HIPAA email
The
Security Regulations do not state that email encryption is mandatory, but do
specify that encryption is an "addressable specification" for controlling access
to PHI. An "addressable specification" is a safeguard which is not required, but
which must be considered, and implemented if it is a reasonable and appropriate
safeguard. If a decision is made not to implement an addressable specification,
the organization must "document why it would not be reasonable and appropriate
to implement" and "implement an equivalent alternative measure if reasonable and
appropriate." Encryption is usually the most prudent method other than
developing and deploying your own closed network environment.
|
Personal Accounts
Group Accounts
Enterprise Solutions
30-DAY
FREE TRIAL OFFER
TO NEW ACCOUNTS
|
|
If you
send a minimum of 3 faxes and letters a day and 1 1/2 courier packages
every month, you can save
over
$100
A MONTH with EmedSafe!
|
|
Are YOU ready for
HIPAA Deadlines?
Important deadlines
related to the Health Insurance Portability and Accountability Act of 1996
(HIPAA) are here!
|
|
HIPAA
PRIVACY VIOLATION
PENALTIES:
Civil Penalties:
1. $100 or more for
each violations, or
2.
$25, 000 annual
limit for all violations of an identical prohibition or requirement
Criminal Penalties:
1.
Up to $50,000 -
$250,000 and
2. 1 to 10 years in
prison
|
|
