Email Encryption is Vital Under New HIPAA Regulations

The rules protecting patients’ personal health information have become even more stringent under the new Health Insurance Portability and Accountability Act (HIPAA). Health care organizations must now be more diligent in taking the necessary precautions to ensure patients’ information is handled safely and kept private.

One of the major causes for concern is the transfer of protected health information (PHI) via email. To safeguard against any unlawful dissemination of personal data, many health care organizations are turning to HIPAA email encryption services to protect the interests of their business and their patients.

Strict Enforcement of the New Law

State attorneys general have made it clear that they will be enforcing the rules of HIPAA rigorously. The fine for organizations that violate patients’ privacy has been increased to $1.5 million, which can also be extended to the organization’s business associates if they are at fault for a data breach. This fine marks a $25,000 increase from the penalty under the previous legislation.

The effects of data breach violations on a patient can be devastating. The sharing of protected health information can cause serious emotional distress, anxiety and embarrassment. And if a patient’s personal data gets into the wrong hands, they may be exposed to financial dangers and even identity theft. With the immense amount of data exchange conducted over the Internet in today’s medical fields, health care organizations must take the proper precautions to protect the interests of their patients and avoid heavy fines and legal penalties.

Serious Consequences

Because such a large volume of email containing personal health information is transmitted each day, a data breach by just one organization can expose many patients to various risk factors. When health organizations have unencrypted email, the personal information they send is entirely unsecured. With the new HIPAA laws, these organizations will be held accountable for unsecured information and will not only incur a large fine, but will also suffer damage to their reputation in the health industry.

Any business associates working with health care organizations are also accountable for protecting personal health information and are subject to legal punishment for violating the HIPAA laws. In order to avoid penalties, business associates must do their part to encrypt all emails containing personal health data, for example by employing a hosted email encryption service.

Despite the severe consequences under the new HIPAA laws, a 2008 survey conducted by the Healthcare Information and Management Systems Society (HIMSS) showed that fewer than half of the responding organizations were actually encrypting their email. Aside from the heavy monetary penalty associated with violating the HIPAA laws, organizations should be fearful of the negative public relations that a data breach will bring to their business. If unsecured emails containing protected health information are intercepted, the health organization at fault will surely face heavy public criticism in the media and find itself in a messy lawsuit. Organizations that continue to send unencrypted emails with sensitive patient information are taking on an enormous risk for their business and posing a huge safety threat to their patients. A simple cloud email encryption service can provide health care organizations, their business associates and their patients the peace of mind that all personal information is safe and secure.

About Greenview Data:

Sean Vogt is a Senior Technical Specialist at Greenview Data, Inc., a leading provider of cloud email services including hosted email encryption, email archiving, and spam filtering. For the past 30 years, Greenview Data has been a trusted name in IT products and services.
