Is Email HIPAA Compliant?

The short answer is a resounding no, at least according to John Lynn, the man behind the popular EMR and HIPAA blog.  In a recent post titled, Email is Not HIPAA Secure, John makes a compelling case for why email is not HIPAA secure and lays out the reasons why.

To quote from the article:

There is a way to encrypt email sent between 2 email systems, but so far a standard and mechanism for encryption between all the vast number of email providers has not been established. I won’t go into the details of why this is the case (cost of encryption, standards for encryption, etc), but suffice it to say that almost none of the email systems send encrypted email that would satisfy the HIPAA requirements.

Meeting HIPAA requirements when communicating secure patient data can be daunting task.  If you’re in the business of handling medical dictation the rules are pretty clear.  You need a secure method of moving both the voice files and the finished transcription documents.   If you’re going to transfer those files using a computer you need to be using a HIPAA compliant method of transferring them.

My Docs Online offers a easy way of moving those files, that satisfies those complex HIPAA requirements, using our Transcription Edition.   The cost is modest (beginning at less than $10 per month) and the benefits to you are numerous.  For more information please check out the Transcription Edition page link above.

If you’re really interested in learning more about HIPAA there is a wonderful e-book titled  The HIPAA Survival Guide (affiliate link) that is available online.  The book, written by Carlos and Deborah Leyva, costs $9.95 and is is a valuable resource.  You can purchase and download the book from the HITECH Survival bookstore site.

{ 3 comments… read them below or add one }

John Lynn March 11, 2011 at 1:21 pm

I’d say the short answer is a resounding, “Not usually.” You got the main points though. The comments were really good on that post too and show some interesting companies that are trying to make it a resounding Yes.

Steve March 16, 2011 at 1:47 pm

Thanks for stopping by John – I did check out the comments and they were incredible. It was a great topic for a blog post.

John Lynn June 19, 2012 at 6:03 pm

Did you check out the next entry, Texting is Not HIPAA Secure: http://www.emrandhipaa.com/emr-and-hipaa/2012/04/17/texting-is-not-hipaa-secure/ It’s amazing how many doctors don’t care. The first doctor to get in trouble for it will wake up a lot of doctors to it.

Leave a Comment

Previous post:

Next post: