At least try to be HIPAA COMPLIANT ...
Email can travel a long way before it hits your inbox. With our solution, you’ll avoid prying eyes along the way. With one click, CipherPost Pro encrypts your message when it leaves your mailbox. Only the authorized recipient – with the proper password – can read the message.
Other services protect your message only from one server to another. Access to the server means access to your private information. CipherPost Pro email encryption gives you true mailbox-to-mailbox security, no matter where your email goes in between. That keeps your confidential information safe and helps your business remain compliant.
CipherPost Pro also features a built-in Secure E-signature feature that enables you to sign encrypted files with the click of a button.
E-Signatures
Who Needs Secure E-Signature? The short answer is everybody. Whether it’s signing and exchanging contracts, medical records, or financial information, businesses and organizations of just about any size need to exchange signed documents. And by the very nature of the intent of a signature, that information is usually important, sensitive, confidential, or all three.
AppRiver CipherPost Pro e-signature is a simple “click to acknowledge” process that is secure and easy for anybody to understand and use. It supports major document formats, including PDFs and Microsoft Office files, as well as most common image formats (JPG, PNG, etc.), with few restrictions on file size transfers. Whether you are a lawyer, engineer, or doctor, from complex agreements to digital blueprints to x-rays, you can obtain required signatures literally in seconds!
While many products offer fast and simple e-signature capabilities and others offer full security, only our solution provides all three without the added cost and burden of additional security software. You simply start using it. It’s that easy—and that secure.
Mobile Device Support
You need to access your secure messages no matter where you are, and CipherPost Pro has you covered. It allows you to send and receive encrypted email, track your sent messages, and open secure attachments from anywhere. Create, read and reply to secure messages on iOS, Android, Windows Phone 8 and BlackBerry platforms. All of the features of CipherPost Pro email encryption, including real-time tracking, large file transfers, compliance services and many others, are available on your mobile device.
Optimized to minimize device battery and bandwidth consumption, CipherPost Pro provides easy and secure access to your encrypted messages without the need to store confidential and sensitive data on your mobile device. That means losing your phone doesn’t mean losing critical information. And administrators can quickly enable or disable access from the Secure Message Center (Webmail) so no one can use a lost or stolen device to access your account.
Who is affected by HIPAA?
HIPAA applies to all organizations that directly maintain and transmit personally identifiable health information, referred to by HIPAA as protected health information (PHI), or e-PHI in electronic form.
These include hospitals, physician and dental practices, health insurance brokers and carriers, laboratories, and pharmacies. Additionally, HIPAA applies to third party vendors and business partners that exchange data with organizations that directly maintain and transmit PHI in any form.
Non-compliance can be costly, or even crippling to your business. Under HIPAA, healthcare organizations that fail to secure PHI against loss or unauthorized disclosure face fines of up to $250,000 per incident while individuals responsible can face up to 10 years in prison for noncompliance.
In addition to harsh financial penalties and criminal proceedings, violators are required by the Department of Health and Human Services to report their compliance breaches to affected parties as well as the media if a breach affects 500 or more individuals.
Without question, the ensuing legal entanglements, reputation damage and financial cost of HIPAA violations threaten your business’s bottom line and may critically impact your organization’s ability to do future business.
HIPAA and your email
Two provisions under HIPAA directly impact healthcare organizations’ email policy and security: The Privacy Rule and the Security Rule. Together they identify what information is to be protected and provide a framework for safeguards organizations must put in place to ensure email compliance.
The Privacy rule defines what patient information is to be protected and places healthcare organizations responsible for the confidentiality of PHI in any form, including EHR. Under HIPAA, protected health information (PHI) is any information about health status, provision of health care, or payment for health care that can be linked to a specific individual.
Consequently, the Security Rule mandates that affected organizations implement appropriate policies, technical and physical safeguards for information systems that maintain e-PHI, including email, to ensure the security and confidentiality of e-PHI against loss or unauthorized disclosure. Specifically HIPAA requires that affected organizations:
- Ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit.
- Identify and protect e-PHI against reasonably anticipated threats to the security or integrity of the information.
- Protect e-PHI against reasonably anticipated, impermissible uses or disclosures.
- Ensure compliance by their workforce.
Considering the prevalence of accessing, sending and receiving e-PHI via email, and the vulnerabilities of doing so, it is obvious that HIPAA’s call for safeguards extend to email security.
