Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Responsible businesses ensure HIPAA compliance in many different ways. First, the HIPAA omnibus final rule allows for email communications if a client signs a particular kind of waiver. HIPAA also requires certain security protocols for email communications. Providers and others can meet this, for example, by creating a system where sensitive data is only accessed through an inbound model (introduced by emails that are free of protected data) or by creating a secure email "tunnel" with encryption. Some of the long, legal-sounding signatures on outbound emails are also intended to promote HIPAA compliance.
HIPAA standards also extend to third-party businesses that are called "business associates." Some of these are technical service providers such as ISPs and email hosts. In response to the stringent standards of HIPAA, some providers are adding end-to-end email encryption to services in order to make sure that sensitive data is not intercepted by a third party during transit. HIPAA-compliant email is just one element of full HIPAA compliance for any businesses that deal with patient identifiers, information on individual personal health conditions, and other kinds of protected health information.