Although HIPAA, the Health Insurance Portability and Accountability Act, was signed into law in 1996, not much has been done to enforce compliance. The act was originally designed to keep patients’ medical information safe, secure, and private.
HIPAA was written and designed before the entire world went virtual, leaving a lack of clear compliance standards for how information is stored or transmitted online. With most information now stored and transmitted that way and no direct guidelines in place, many healthcare providers are actually committing what would amount to HIPAA violations. If your office isn’t utilizing HIPAA-compliant methods, it may be time to switch to encrypted email and file storage solutions.
The Medical Industry’s Troubling History with Security
Healthcare facilities and practitioners routinely send patient information to each other via the internet. It’s necessary for the patient – every person working to provide care for an individual needs to be privy to the same information to ensure the highest possible quality of treatment. The problem with the digital transmission of this information is that healthcare practices and hospitals aren’t run by IT specialists – they’re run by doctors, nurses, surgeons, and medical assistants. They may be the best care providers in the world, but they’re certainly not the best cybersecurity experts.
Researchers found that nearly 200 medical imaging storage servers weren’t password protected, leaving over 5 million patients open and exposed. Anyone could access a complete stranger’s medical imaging from their phone or home computer with almost no resistance.
All of this could easily be avoided if healthcare facilities were to communicate exclusively through encrypted email and encrypted cloud storage. It’s one small, easy, inexpensive change that will keep people’s personal information from getting into the wrong hands.
What HIPAA Requires
HIPAA requires that all data be encrypted any time it moves between devices. It also requires that storage of that data be physically secure, and that any data can be definitively deleted at any time. PrivateMail is designed to address every requirement of HIPAA.
How Encrypted Email Works
PrivateMail uses OpenPGP encryption. OpenPGP relies on keys to keep information secure between the sender and the recipient, so messages are end-to-end encrypted. The sender and the recipient both have keys, which PrivateMail can generate automatically. The recipient can only open the email they were sent if they have the corresponding key. Third parties can’t access the contents of the email, and even if they got hold of the message they couldn’t interpret it, because they have no way to decrypt it.
PrivateMail Files also utilizes paranoid encrypted cloud storage for all files sent through our file sharing service. Because of that encryption, no one besides the intended recipient – not even the people at PrivateMail – will ever be able to see the files being sent. Scanned medical documents and imaging will only be received by the healthcare provider or the patient they’re being sent to. A third party will never have an opportunity to intercept them.
Using PrivateMail For Your Medical Business
PrivateMail offers a business subscription service that allows medical care providers to utilize their custom domains and logos, collaborate with accounts, and share contacts, calendars, and 100 gigs of cloud storage. It’s easy to make patient privacy a priority and become HIPAA compliant – all it takes is a change in the way you send and receive emails.