Updated 7/20/20 - HIPAA Compliant Email is a type of email system used by Healthcare Professionals to send Patient Health Information (PHI) via email to other Healthcare Industry Professionals or directly to their Patients. The main difference between a HIPAA compliant email system and the email systems provided by web hosting companies, internet service providers, or free email services is the extreme focus on Data Protection. The Critical Infrastructure for a HIPAA compliant email system must comply with the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) required the Secretary of the U.S. Department of Health and Human Services (HHS) to develop regulations protecting the privacy and security of PHI. To fulfill this requirement, HHS published what are commonly known as the HIPAA Privacy Rule and the HIPAA Security Rule. A company that provides HIPAA compliant email services must have in-depth knowledge of the application of the HIPAA Security Rule as it relates to the security of protected PHI. It must be able to identify technical or electronic threats to the Healthcare Enterprise, and implement available technology to reduce or prevent those threats.
Employees who manage or support the use of a HIPAA compliant email system must receive advanced training in the topics of administrative, physical, and technical safeguards. A company that specializes in HIPAA compliant email must develop policies and procedures to both describe those safeguards and address larger risk management strategies. A company with knowledge and experience of the HIPAA Privacy Rule is better able to articulate and address its core requirements, key terms, and concepts in relation to HIPAA compliant email.
Enterprise Guardian (EnGuard), an American Company based out of Southern California, has been a HIPAA Compliant Email Service Provider since 2007 for healthcare providers, doctors, clinics, psychologists, dentists, chiropractors, nursing homes, pharmacies, health insurance companies, hospitals, and billing services.
We are HIPAA, HITECH, and OMNIBUS Compliant!
Although there is no HIPAA standard or implementation specification that requires EnGuard to “certify” our compliance, we completed HIPAA training for the Certified HIPAA Security Experts certification over a decade ago. It is important to note that HHS does not endorse or otherwise recognize private organizations’ “certifications” regarding the Security Rule. Today, we are only required to perform periodic technical and non-technical evaluations that establish the extent to which security policies and procedures meet the security requirements under the evaluation standard § 164.308(a)(8).
Many companies make the huge mistake of thinking they can make their email system "HIPAA compliant" by simply deploying an email encryption solution. What they fail to understand is that there are more requirements for HIPAA compliant email than just adding an encryption gateway to their existing email system.
As a Leading Authority for HIPAA Compliant Email services, this is what makes us HIPAA compliant: