Updated: Aug 29, 2021
HIPAA. HIPAA-Compliance. HIPAA Software. HIPAA Regulations.
There are so many things HIPAA when it comes to working in the medical field. You may have been familiar with our prior blog titled "HIPAA Compliance: Is Hushmail Right For Your Private Practice?" (not familiar? Don't worry, you can read that blog here), but today, let's go into more detail regarding HIPAA-Compliant email platforms.
What HIPAA-Compliant platforms are there and why are they necessary for my practice?
These types of email platforms are a necessity for private practices because of the utmost importance of operating emails through platforms that are HIPAA-Compliant. Think about it. Many practices use them to stay in contact with their patients, take care of administrative processes and automate communication. Practices can’t afford NOT to use email as a part of their everyday, modern healthcare operations.
HIPAA allows electronic communication such as email but there are still some regulations that one should keep in mind. If you are not careful in how the emails are used, you could wind up in a lot of trouble. It is so important to protect your patients’ privacy and make sure their Protected Health Information, PHI, stays safe and secure.
There are many HIPAA-Compliant platforms out there that you can use in your practice to be sure that any, and all, information shared via email stays safe and keeps your clients’ private information secure.
Here are 6 of our favorite email platforms that YOU can use for your practice:
Email Platform#1: Hushmail
Hushmail is a secure email platform that allows you to send and receive encrypted emails to and from your clients.
They also have electronic signature forms. Hushmail plans offer not only encrypted email but also secure web forms and legally binding e-signatures.
Hushmail is available as an iOS application.
Hushmail also offers a separate, secure email archive, one month free for users who choose to pay annually instead of monthly, no extra fees for BAA, and customer support via email and phone. Read our previous blog post, which discusses Hushmail in more detail (along with its wonderful benefits), here.
Email Platform#2: Virtru
Virtru is another great HIPAA-Compliant email platform.
Virtru allows clients to keep their email provider without having to switch over.
Their software enables users to encrypt data for HIPAA compliance and control who has access to the content that is sent. It is software that is an add-on to popular email services such as Gmail and Microsoft email.
Virtru also allows encryption for Google Drive and Microsoft Outlook.
Pricing varies: $79/month and includes 5 users (billed annually); $249/month
includes 25 users (billed annually) and you can also request a custom price if you need more than 25 users. All users have access to the online Virtru Help Center and basic, no-cost support.
Email Platform#3: NeoCertified
NeoCertified has been in business with HIPAA-compliant email software since 2002.
They provide not only HIPAA compliant email but also secure email solutions, secure forms, secure email archiving, among other things.
They also have a secure email for Outlook, Gmail, Outlook 365, and Microsoft Edge.
Their pricing is $99 per year for 1 user account, unlimited secure emails, and 24/7 customer support. They also have other plans but they ask you to contact them for a quote.
Email Platform#4: Aspida Mail
Aspida Mail provides HIPAA-compliant email by directing users to a secure portal where patients can log in and confirm their identities. Aspida prides itself on being highly compatible with the services you’re already using and making the transition process smooth and easy.
Aspida Mail provides encrypted email so that you can send, receive and store sensitive data securely.
They also provide data backup and recovery so that you can backup and restore server and application data. Along with these features, they offer a managed network firewall so that you can control your network with business-class security.
Their pricing is just $10 per month for offices that want to create a new email address for sending and receiving encrypted emails. This is an email address at their domain name with 30 GB of storage per email address, at $10 per month. Aspida Mail + is best for offices that want to add email encryption to all existing or new email addresses on a custom domain, which may be your website. This is 30 GB of storage per mailbox, at $15 per month for one email address. Additional email addresses are $10 per month.
Email Platform#5: Paubox
Paubox encrypts emails without requiring you to learn another software platform.
Much like VirTru, you are able to integrate directly with popular email services G Suite and Office 365, allowing users to send and reply to emails in a way that is fully encrypted and HIPPA compliant. You won’t need any extra plugins, portals, new apps, or anything like that.
Pricing starts at a standard level, with it being $29 per month for one user. This includes a 14-day free trial, transport layer of security, email reports, Business Associate Agreement, Secure contact form, secure calendar invites, and many other features. The Plus plan is $59 per month and offers the same features but also includes inbound security, ExecProtect, and DomainAge. The Premium Plan is $79 per month and includes the same features as the previous plans but also includes email archiving and email DLP.
Email Platform#6: ProtonMail
ProtonMail differs from other software because it was developed by scientists and engineers in Switzerland who worked at the CERN laboratory. In addition to high-level data security, ProtonMail provides a BAA — a must for HIPAA compliance.
With ProtonMail, messages are stored in an encrypted format.
They are also transmitted in encrypted format between their serves and user devices. Because data is encrypted at all steps, the risk of message interception is largely eliminated.
ProtonMail does not have access to using an encryption key, meaning they don’t have the ability to decrypt your messages and as a result, they cannot hand over your data to third parties.
One thing that may be considered a downside is that they cannot recover your data if you were to lose or forget your password. One feature that seems pretty neat, but may possibly be a downside as well, is that you can set an expiration time on your encrypted emails and they will automatically be deleted once they have expired. They do offer a free plan, starting out with 500 MB of space for free.
There are many HIPAA-compliant email platforms out there. These are just a few that may be exactly what you are looking for for your practice.
It is so important to be sure that you have a HIPAA-Compliant email platform, especially with the current pandemic and many therapists working remotely from their homes. Patients need to know their private information is secure and stays that way.
Be sure to get your practice set up with a secure, private HIPAA-Compliant email platform.