Proactive HIPAA compliant email encryption for SMB and enterprise organizations

An email platform to protect all of your sensitive information with a click of a button! Dive into the NeoCertified experience. We comply with a variety of federal regulations, including HIPAA/HITECH, and assure that all data containing Electronic Protected Health Information (ePHI) will be protected both in storage and in transit.

Learn More About HIPAA Compliance

HIPAA compliant email requirements HIPAA violation examples

HIPAA email requirements

There are five (5) specific HIPAA requirements as related to email.  (Click here to review the actual HIPAA Security Rule)

1. Access Controls: A covered entity must implement technical policies and procedures limiting access to systems containing electronically protected health information (ePHI) only to personnel with sufficient access rights. (164.312 (a)) The Access Controls specifications include:

2. Audit Controls: A covered entity must implement software that records and examines activity in information systems that contain or use ePHI. (164.312 (b))
+ Having unique user identification.
+ Having an emergency access procedure
+ Having an automatic logoff process
+ Having encryption & decryption process

3. Integrity: A covered entity must implement policies & procedures to protect ePHI from improper alteration or destruction. (164.312 (c)). This includes having a mechanism to authenticate ePHI.

4. Person or Entity Authentication: A covered entity must implement procedures to verify a person or entity accessing ePHI is the one claimed. (164.32 (d))

5. Transmission Security: A covered entity must implement technical measures to guard against unauthorized access to ePHI that is being transmitted over an electronic communications network (164.312 (e)). This includes having integrity controls & encryption.

HIPAA email violation examples
  • The Feinstein Institute for Medical Research agreed to the HIPAA penalty of $3.9 million for multiple HIPAA violations … Learn More
  • North Memorial Health Care agreed to a penalty of $1.55 million for multiple HIPAA violations after “failing to implement a business associate agreement with a major contractor and failing to institute an organization-wide risk analysis to address risks and vulnerabilities to its patient information” … Learn More
  • Complete P.T., Pool & Land Physical Therapy, Inc. has agreed to a settlement penalty of $25,000 plus the adoption and implementation of corrective action plans for failing to safeguard protected health information (PHI) … Learn More
  • The University of Washington Medicine failed to “implement policies and procedures to prevent, detect, contain, and correct security violations”, which has resulted in a $750,00 HIPAA settlement penalty, including a corrective action plan … Learn More

Healthcare Solutions

Mobile Encryption Access

Z

Outlook Integrated Button

Customer Support Videos

HIPAA Compliant Email

A HIPAA Compliant Email History

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. It modernized the flow of healthcare information, specified how ePHI and PHI should be maintained by the healthcare and healthcare insurance industries and addressed restrictions on healthcare insurance coverage. In a nutshell, HIPAA was created to protect covered entities and healthcare patients’ private information from being disclosed.

Secure Email Solutions HIPAA

Your same email with better security

Eliminate data breaches and ransomware attacks with our HIPAA compliant email solutions. The most effective way to send private data and sensitive emails is NeoCertified!