HIPAA email encryption rules do not exclusively apply to emails, but to all communications which include:
attachments to emails
These are all governed by HIPAA rules for email encryption, which states you need to implement a mechanism to encrypt ePHI, and E-mails should be double encrypted.
Some things to know:
1. When emails are sent using public FTP (File Transfer Protocol), copies of the emails will remain on routing servers indefinitely with no possibility of an organization being able to delete them if a breach of Protected Health Information is identified.
2. There is no possibility of retracting an email containing Protected Health Information if it has been sent to the wrong person, or to remotely delete emails if an authorized user loses a mobile device from which Protected Health Information has been communicated .
3. There is also the logistical issue that each authorized user would have to install encryption/decryption software on all the mobile devices and desktop computers they would use for the ePHI by email, and that the software would have to operate across all platforms.
4. Any solution that is implemented to comply with HIPAA rules for email encryption would also have to have administrative controls to monitor access to Protected Health Information. You must also ensure that the policies developed to comply with HIPAA email encryption rules are being adhered to.
An Alternative to Encrypted Emails
Allowing access to Protected Health Information through a software-asa-service “on demand” app. And As all activity is contained within a private network, should a breach of Protected Health Information be identified, administrators can remotely delete a message. Secure messaging apps have been purposefully designed with the end-user in mind.
The Benefits of Secure Messaging Over Secure Emails
Messaging is by far the most popular form of mobile communication, with 92% of mobile users preferring it over email - Benefits include:
1. In a healthcare environment, the speed of response can have substantial benefits to patients.
2. Accelerating patient concerns.
3. Making faster diagnoses.
4. Delivering lab results quickly and efficiently.
5. Assisting in the administration of medical treatment.
6. Additionally, secure messaging apps have a message forwarding feature which enables multiple parties to collaborate securely about the care provided to a patient.
7. Authorized users receive delivery notifications and read receipts that confirm their messages have been received and which eliminate phone tag.
8. Secure messages can be assigned a lifespan and delete automatically after a predetermined period of time.
9. A “Search by name facility” helps eliminate the risk of messaging errors often seen with encrypted email, and accelerates secure communications between medical professionals.