Does encrypted email satisfy HIPAA?

March 25, 2015

Secure patient communication is a vital concern for health professionals nationwide. As the industry continues to move towards secure electronic communication methods many dental professionals are worried about maintaining HIPAA-compliant patient communications.

Secure patient communication is a vital concern for health professionals nationwide. As the industry continues to move towards secure electronic communication methods many dental professionals are worried about maintaining HIPAA-compliant patient communications.

I get calls every day from professionals that are under the impression that simply using email encryption software makes them HIPAA-compliant. This is a false impression.

This week, I conducted a podcast with Brightsquid CEO Rohit Joshi, who is also a licensed attorney, to discuss the secure transfer of patient information and what it takes to be HIPAA complainant in this arena. HIPAA compliance goes beyond the simple use of encryption software. Email encryption helps prevent a message from being read along the way to its recipient. But this alone does not align with HIPAA Compliance.

More from Uretz: Steps on how to choose and implement electronic health record software

There is a whole list of requirements practices must follow in order to be HIPAA compliant with their electronic communications. And there are a number of companies, including BrightSquid, that provide services supporting these requirements

The bottom line is, encrypted emails alone do not support full HIPAA compliance, and dental practices that do not take every step to secure this information may be opening themselves up to HIPAA violations.

About the authorMike Uretz is a nationally recognized dental software and electronic health records (EHR) expert. He is the founder of DentalSoftwareAdvisor.com as well as the Dental EHR Editor for Dental Products Report and conducts a popular weekly podcast on dental software related topics. As a leading industry consultant, Uretz has helped both individual and group practices properly evaluate and select software vendors and solutions, structure and negotiate pricing and contracts and provide implementation oversight and vendor management.Mike can be reached at mikeu@dentalsoftwareadvisor.com.

More from Uretz: Do we really need an extension on the New York ePrescribing mandate?