How to combine encrypted email with regular email

It’s not uncommon to turn on the morning news and hear about another company whose information has been compromised. We are living, and working, in a cyber-world and cyber-crime exists as a fact of life for those of us who use computers.

This is a guest post written by Laura Miller, Compliance Manager of Aspida.

With most of our businesses operating on a network infrastructure relying on access to the Internet, additional steps and practices need to be implemented in order to protect yourself and your patients.

One of the vulnerabilities to address is email. Email is convenient. We can receive messages on our computers, mobile devices, and tablets, and respond at our leisure. Due in part to its ease, it is a preferred form of communication for many people. With this ease come inherent risks.
An email is comparable to a postcard. Its contents are susceptible to being viewed by individuals other than the intended recipient. As a Covered Entity, you are responsible, by HIPAA law, for safeguarding your patients’ data.

Anytime electronic Protected Health Information (ePHI) is being sent in an email, HIPAA recommends implementing procedures to ensure secure transmission and storage. The easiest way to do this is to utilize an encrypted email system.

Ideally, look for a provider that offers the option to send regular vs. encrypted mail. For example, encryption in Aspida Mail is triggered by a keyword, "encrypt", in the subject or body of an email. If that keyword is omitted, all emails flow as usual.

Additionally, if you are receiving ePHI by email, verify you are implementing secure storage procedures. Typically, (free) Gmail, AOL & Yahoo Mail do not store mail securely.
Aspida Mail takes over your existing mail server – ensuring secure storage of all mail messages.

Additional tips:
Opening Emails
• Use a mail solution that has antivirus and a robust spam filter enabled.
• Inspect all email messages thoroughly, including the sender’s address.
• Do not open any email that looks suspicious. If you do not know the sender, treat it as suspicious email.

Sending Emails
• Confirm the email address with which you are sending information.
• Do not put any ePHI in the subject line of an encrypted email – this information is still transmitted through an unsecure environment.
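The keyword trigger described earlier and the subject-line caveat above can both be checked before a message leaves the practice. The following is an added example, not Aspida's code or part of the original post; it assumes the trigger is the whole word "encrypt" matched case-insensitively, and `presend_check`, the identifier patterns and the sample messages are hypothetical.

```python
import re
from email import message_from_string, policy

# Assumption: the trigger is the whole word "encrypt", matched case-insensitively.
TRIGGER = re.compile(r"\bencrypt\b", re.IGNORECASE)
# Assumption: illustrative identifier patterns only, not a complete ePHI detector.
IDENTIFIERS = {
    "ssn-like number": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "date of birth": re.compile(r"\b(?:dob|date of birth)\b", re.IGNORECASE),
    "record number": re.compile(r"\bMRN\s*#?\s*\d+\b", re.IGNORECASE),
}

def find_identifiers(text):
    """Names of the identifier patterns that occur in text."""
    return sorted(name for name, rx in IDENTIFIERS.items() if rx.search(text))

def presend_check(raw_message):
    """Return the routing decision and any reasons to hold the message."""
    msg = message_from_string(raw_message, policy=policy.default)
    subject = str(msg["Subject"] or "")
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part is not None else ""
    will_encrypt = bool(TRIGGER.search(subject) or TRIGGER.search(body))
    problems = []
    # The subject line is not protected even when the message is encrypted.
    for name in find_identifiers(subject):
        problems.append(f"subject contains {name}")
    # Without the keyword the message flows as regular, unencrypted mail.
    if not will_encrypt:
        for name in find_identifiers(body):
            problems.append(f"body contains {name} but no trigger keyword")
    return {"will_encrypt": will_encrypt, "problems": problems}

# Constructed sample messages (not real patient data).
HDR = "From: a@example.org\nTo: b@example.org\n"
SAMPLES = {
    "good": HDR + "Subject: encrypt - lab results\n\nMRN 48213, DOB on file.\n",
    "leaky_subject": HDR + "Subject: encrypt MRN 48213 results\n\nSee attached.\n",
    "forgot_keyword": HDR + "Subject: lab results\n\nPatient SSN 123-45-6789.\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, presend_check(raw))
```

The third sample shows the main weakness of a keyword trigger: if the sender forgets the keyword, the message goes out as regular mail, so a check like this belongs in front of the send step.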

By familiarizing yourself and your team with these email procedures, you’ve taken the first steps to protection. The next step would be to figure out what works best for your practice and come up with a plan for implementation. And don’t forget, documentation of all policies and procedures is key!

Special offer for Aspida Mail:
Try the first three months for $3! Aspida offers a 30-day money-back guarantee, month-to-month contracts and risk-free cancellation!
Use HIPAAHQ in the “Promotional Code” box in the shopping cart.

About the author

Laura Miller is Compliance Manager of Aspida, which has quickly established itself as an industry leader in providing compliance security products and services for healthcare providers. Their first product to market, Aspida Mail, offers medical practices affordable Encrypted Email without compromising security. Miller has over 8 years of experience in the healthcare industry including 3 years with a primary focus on HIPAA Compliance procedures.

About Jacco / Editor HIPAA HQ

Jacco Blankenspoor is the founder and editor of HIPAAHQ.com. Jacco specializes in providing useful and in-depth information about the complex topic that is HIPAA Compliant Hosting.
