Secure Corporate Email for Healthcare

John Deutsch

John Deutsch

Posted on August 12, 2011

A realistic approach to internet security for medical practices – Part 2: Secure Corporate Email

Better Corporate Email

A good corporate email system designed to make your business more efficient while meeting HIPAA security guidelines should be a focus of all medical practices, big or small. Email has become such an important aspect of today’s business; it makes business sense to invest in a proper email system. The most time-saving email feature critical to every business is full email/calendar/contacts synchronization between your office PC, home PC, laptop and mobile phone. Features such as Anti-Spam, Anti-Virus, unlimited attachment size and unlimited mailbox size are some other features that medical practices find valuable.

HIPAA and Email

HIPAA regulations pertaining to email are extensive, but there are three rules that all practices must follow in order to meet HIPAA guidelines:

  • Encryption – Accessing your email through a web browser and receiving/sending emails in an email application (Outlook, mobile phone, etc.) must be encrypted using at least 128-bit encryption.
  • Archiving – HIPAA requires all emails sent and received to be archived for later retrieval. While this is an important HIPAA regulation, it also has significant value to a medical practice. Archiving essentially stores a backup of all emails; so if Julie, your front desk receptionist, sends a nasty email to a patient and deletes it, you’ll still have a copy of it.
  • Consultations via email – Communicating with patients on medical matters via email is, generally speaking, a HIPAA violation. While you can control security on your server’s side, you can’t control your patients’ ability to manage their email in a secure manner. Beside the HIPAA risk, it’s a practice that doctors should not get used to; many email accounts are shared by spouses and emails are frequently read by prying eyes.

Best practices to for email

  • Implement a secure corporate email system with archiving that meets both your HIPAA and business goals. We at Medical Web Experts offer secure corporate emails solutions with archiving for $10/mo. per email.
  • Don’t communicate with patients via email on anything medical-related. Instead, implement a Patient Portal system through your EMR or with a solution such as Medical Web Experts Basic or Enterprise Patient Portal solutions.

HIPAA – All bark and no bite?

[related_content]HIPAA is a highly complicated law (400 pages worth), even challenging for someone with both an IT and law background. Since its creation, there has been a lot of bark and no bite when it comes to enforcement – but this is all changing. In the past 2 years, we at Medical Web Experts have seen a significant increase in citations for HIPAA violations and medical practices being contacted with warnings from HIPAA governing organizations. Therefore, its important to have a plan to meet HIPAA guidelines in your practice, focusing on the highest risk issues to meet both HIPAA guidelines and to protect your business from real issues that can severely affect your business, such as data loss, lawsuits and website downtime.

About the Author

John Deutsch is the founder of Medical Web Experts and has spent the last 10 years working the healthcare IT industry, specializing in Electronic Medical Records, Network Administration and Software Development. To learn more about Medical Web Experts and their services, please visit Learn more about Healthcare Internet Security. Read the other articles in this 3 post series:

John Deutsch

John Deutsch

Founder and CCO of MWE, and business owner of 19 years with extensive experience in Healthcare IT. John is a Judge for the 2020 eHealthcare Leadership Awards and has appeared on multiple podcasts, including the Outcomes Rocket Podcast and the Hospital Finance Podcast.

Related Posts

Illustration of four people in a healthcare organization discuss ideas and the roadmap for their softare development project.

Posted on December 03, 2021 by Paul Galbraith

When embarking on a software development project, there are often many unknowns: How should legacy software integrate with new solutions? What compliance issues need to be solved? How can technologies…Read more

Illustration. Middle: computer screen. Right: girl holding a key. Left, boy holding a cell phone.

Posted on November 09, 2021 by Pablo Bullian

PHI Leaked Due to Fresno’s Health Network Hack A group of health clinics in the Fresno area that belongs to United Health Centers were hit by a ransomware attack. Not…Read more

Subscribe to Our Newsletter

Get promotions and current business tips. Sign up for our newsletter today.