Health information is some of the most sensitive data stored in electronic systems. No one wants their personal health information made public, and organizations that fail to protect that information are subject to penalties ranging from hefty fines to criminal charges.
Introduced in 1996, the Health Insurance Portability and Accountability Act (HIPAA) instituted a number of benefits for the healthcare industry to help transition from paper records to electronic copies of health information, streamlining administrative healthcare functions, improving efficiency in the healthcare industry, and ensuring protected health information is shared securely. This includes any information that could potentially identify an individual and their medical records, including names, locations, dates, medical records, health plan numbers, and more. All pharmaceutical and insurance companies, hospitals, and medical practices, regardless of size of practice, who electronically transmit health information are bound by HIPAA laws. This means entities are forbidden to produce or distribute a mail piece that shows any of an individual’s private health information.
Additionally, while the HIPAA Privacy Rule protects Protected Health Information (PHI), the HIPAA Security Rule protects an additional subset of information covered by the Privacy Rule, including individually identifiable health information a covered entity creates, receives, maintains, or transmits in electronic form. This information is called electronic protected health information, or e-PHI. The Security Rule does not apply to PHI transmitted orally or in writing.
This smaller group of HIPAA laws requires that all businesses ensure the privacy, integrity, and accessibility of all e-PHI; identify and protect against anticipated threats to the security of information; protect against anticipated un-allowed uses or disclosures that are not allowed by the rule; and certify workplace compliance.
When considering mailing solutions, standard mail should never be used to send sensitive information, but documents sent through first class mail do meet HIPAA requirements. Some sensitive mailings should be sent by certified mail, which means the intended recipient needs to sign for it, and also provides proof that the mail was delivered and verifies when it was received. Sending protected health information electronically would appear to be an easy solution—data can be delivered in seconds without printing. However, encryption standards make the rules for emailing protected information are a little more complicated. Popular email systems like Gmail, Microsoft Exchange, and Outlook use SSL or TLS encryption protection, meaning the information is disguised so an unauthorized person cannot read it. However, SSL and TLS alone do not provide enough protection to meet HIPAA requirements.
FP partners with FlexSystems, a leading provider of mail and print solutions, providing solutions to meet the requirements of companies producing or processing mail that contains sensitive, private health information (PHI) using any type of database, printer, or inserter. FlexSystems document handling solution, FlexStream can handle mailings with sensitive or confidential health information by offering the ability to track electronic documents across a HIPAA-compliant secure link. FlexStream even allows users to add scancodes (OMR, 1D or 2D BCR) to documents which can be read by folder inserters to ensure all of the mail pieces are going to the correct recipient in the correct envelope.
With FlexStream, users can choose their delivery method for their different types of outgoing documents. This digital solution will plug into an existing workflow to help determine which mailings need to be sent physically and which can be sent electronically via email. A robust, secure, and tracked email service for sensitive business documents, including those bound by HIPAA laws, FlexStream makes it easy to select the documents to be emailed, send the emails knowing that they will reach their intended recipients without passing into the wrong hands, and offers extensive tracking, audit, and follow-up functionality.
FlexStream is deployed as a public SaaS solution using the SSL Post service, a sophisticated system of processes for secure and tracked email, to deliver electronic mail in a highly secure environment while ensuring end-to-end encryption and maximum security. In addition to offering privacy protection, FlexStream significantly reduces costs by saving printing, material, and postage. No investment in email infrastructure is required, and no email server is needed. Additionally, there is no special setup. FlexStream is available in several languages and is easy to use because the intuitive user interface incorporates ribbons, tooltips, context sensitive help, and wizards that guide users through more complex tasks. Because of its similarity to the latest Microsoft Office, it is easy to understand FlexStream’s user interface and operation—no need for IT specialists and peace of mind that all data remains secure.
Jamie Spell is the National Product Sales Manager in charge of Software Solutions. He has been with FP Mailing Solutions since 2018, and working in the industry for over 10 years. When not working, Jamie enjoys travelling, golfing, and college sports.
Health information is some of the most sensitive data stored in electronic systems. No one wants their personal health information made public, and...
Recent events have brought about major change in the American workplace with social distancing and an increase in those who are working from home....
<p>This cloud-based solution easily captures, tracks and manages inbound deliveries & corporate assets</p> Today FP Mailing Solutions announces...