Live Chat | Login | Blog | Careers

emPower eLearning: HIPAA Security Standard: Selecting the Right E-mail Service.

Tuesday, January 26, 2010

HIPAA Security Standard: Selecting the Right E-mail Service.

Internet has taken a center stage in fulfilling the communication needs of the people. The speed, ease and wide reach it provides, makes it the most favored media for communication. An email is a great communication tool of the internet and is widely used by people to communicate with their doctors or medical insurers. To make this exchange of information on the net, safe and secure, it is necessary to follow HIPAA security standard while selecting the right email service.

The prime objective is to select the email service that safely carries the health information of the patient through the net. A safe transit and storage is a basic requirement of the HIPAA security standard. There are some essential features that an email service should have and they are:

  • The email service should meet or exceed the HIPAA standards
  • It should have the ability to encrypt and decrypt the health data transmitted. This feature protects the confidential health information from unauthorized access as it passes through the public network. During the transit through net the emails are stored on server and the chances of unwanted intercept increase considerably. To counter this threat it is necessary to encrypt the message before transmitting it.
  • The service should provide a secure back up plan to safely recover the data in case of a natural or manmade calamity.
  • Provide unlimited document or email transfer and at same time protect the data integrity.
  • It should have an inbuilt security feature that automatically logs off the system after some time of inactivity.
  • Personal or entity authentication is required as it confirms the identity of the person or the entity that access the personal health information, an important requirement of HIPAA security standard.
  • The software used should be user friendly and there should be no third party involved in any form. The email service should have security provisions that inhibit unauthorized exchange of information with the third party.
  • The service should have security feature that provides feedback to the auditors about the time, place and IP nos through which the protected health information had been accessed. This helps the auditor to keep track of the health information and ensure that it is accessed only, by authorized people and the safety of information has not been compromised at any stage of storage or transmission.
  • Assign unique tracking number or username that is protected by strong password to control the access of the patient health information in a safe and secure manner.

The main objective of adopting HIPAA security standard while selecting an email service, is to protect the patient health information. This prevents patient identity theft and saves the State and people from financial losses incurred due to insurance frauds.

E-mail security ensures safe exchange of patient health information through public network.

Jason Gaya

Read more on computer network security at, www.empowerbpo.com



Post a Comment

Subscribe to Post Comments [Atom]

<< Home