Sunday, September 20, 2015

Why do I need encrypted email?


Let’s picture a postcard. This mode of communication is perfect for documenting your latest trip laden with landmark pictures on the front and a simple “Wish you were here” written on the back. Anyone can flip over the postcard, read your sentiments. You’d never write anything too personal knowing this postcard can be an open book. No need to safeguard this innocent letter.

Now imagine if it has your social security number written on the back under your name. Not so innocent anymore! This is exactly what an email is. A regular email is open for anyone to view while in transit to its recipient. Now imagine a letter, duct taped and carried by an armored van to the recipient. This is an encrypted email.

As a Covered Entity, you are responsible, by HIPAA law, for safeguarding your patient’s data.

Anytime electronic Protected Health Information (ePHI) is being sent in an email, HIPAA recommends implementing procedures to ensure secure transmission and storage. The easiest way to do this is to utilize an encrypted email system.

Ideally, look for a provider that offers the option to send regular vs. encrypted mail. For example with Aspida Mail  it is triggered by a keyword, encrypt in the subject or body of an email. If that keyword is omitted, all emails flow as usual.

Additionally, if you are receiving ePHI to your email, verify you are implementing secure storage procedures. Typically, (free) Gmail, Aol & Yahoo Mail do not store securely.

Additional Tips:
  • Opening Emails
    • Use a mail solution that has antivirus and a robust spam filter enabled.
    • Inspect all email messages thoroughly, including the senders address.
    • Do not open any email that looks suspicious. If you do not know the sender, treat it as suspicious email.
  • Sending Emails
    • Confirm the email address with which you are sending information.  
    • Do not put any ePHI in the subject line of an encrypted email – this information is still transmitted through an unsecure environment.

By familiarizing yourself and your team about these email procedures, you’ve taken the first steps to protection. The next step would be to figure out what works best for your practice and come up with a plan for implementation. And don’t forget, documentation of all policies and procedures is key!
 
CLICK HERE for more info on Aspida email solutions

About the Author:
Laura Miller is Compliance Manager of Aspida, has quickly established itself as an industry leader in providing compliance security products and services for healthcare providers.


Dayna Johnson, Certified Dentrix Trainer
Dayna loves her work. She has over 25 years of experience in the dental industry, and she’s passionate about building efficient, consistent, and secure practice management systems. Dayna knows that your entire day revolves around your practice management software—the better you learn to use it, the more productive and stress-free your office will be. In 2016, Dayna founded Novonee ™, The Premier Dentrix Community, to help cultivate Dentrix super-users all over the country. Learn more from Dayna at www.novonee.com and contact Dayna at dayna@novonee.com.


No comments:

Post a Comment