“HIPAA is the federal Health Insurance Portability and Accountability Act of 1996. The primary goal of the law is to make it easier for people to keep health insurance, protect the confidentiality and security of healthcare information and help the healthcare industry control administrative costs.”
The HIPAA legislation includes several requirements related to the protection of the confidentiality and security of patient’s medical information. 3M Secure Mail provides a digital method of sharing patient information with colleagues and patients which meets or exceeds HIPAA’s requirements.
Traditional email services, either web-based or server-based and locally managed, do not meet the HIPAA requirements for privacy protection and are therefore prohibited for the transmission of patient records.
Below is a simplified list of requirements to be HIPAA compliant:
- Encryption - Data must be encrypted as to be unreadable by unauthorized parties
- Access Controls - Authorized users must be authenticated when logging into access patient records (username and password).
- Data Back Up - Data must be automatically backed up to a secure location.
- Chain of Custody and Trackablity - When sharing patient data with other parties the covered entity (Practice) must be able to track access to that data.
- Archived - Data related to patient records and security must be available for at least 7 years
The Secure Mail component of 3M Secure Mail meets or exceeds all the above requirements while still allowing practices to share patient records in a familiar email style of communication.
To find out more about HIPAA and its impact upon your office, refer to HHS.gov.