by Arianna Etemadieh
How Can My Patients Send Me A Secure HIPAA Compliant Email First?
When a patient has a medical concern and wants to reach out to their healthcare provider, office phones can be tied up, leaving the patient with no answers. Additionally, some medical concerns are better explained visually than verbally.
Considering some medical practices have perpetual busy tones, how else can your patients reach you? Thanks to technology, there is a popular alternative: email.
However, most medical concerns involve mentioning protected health information (PHI) of some kind. In order to ensure your organization is HIPAA compliant, any communication with your patients needs to be secure and encrypted.
With Paubox, there are ways for your patients to engage securely with your organization without you having to send an email to them first. Here’s how it works.
Use a secure URL to receive secure messages from patients
There is no way a patient can send you a secure email first without having email encryption in place themselves. However, a Paubox encrypted contact form is a seamless workaround for patients to send secure messages to their healthcare providers.
Our Paubox encrypted contact form features basic fields for patients to fill in, such as their name, email address, phone number, and a brief message. We’ll also include a space where patients can upload up to 50 megabytes of attachments (such as photos or documents).
Patients can access the encrypted contact form through a secure, custom URL that can be placed anywhere on your website. This allows the patient to send a secure message to your organization first, and the information will be delivered in a HIPAA compliant email straight to your inbox, avoiding the hassle of hard copies, scanning and manual entry.
Every Paubox account comes with one encrypted email address and one encrypted contact form.
You can attach an encrypted contact form to your website or send it through an email.
The contact form link will be hosted on our secure Paubox server, so you don’t need to worry about having a HIPAA compliant website and server.
How Paubox’s contact form encryption works
If your patient is not a Paubox subscriber, Paubox can still encrypt their incoming contact form email.
The Paubox encrypted contact form links with any Google Workspace, Microsoft 365 or Microsoft Exchange email account. The selected email account will receive the contact form via email after the patient fills it out.
If your business email provider includes a BAA with its service, then the BAA will cover any emails at rest in your inbox for HIPAA compliance.
For emails in transit, Paubox utilizes TLS encryption to secure the email as it is delivered to the selected inbox.
If you use Paubox’s email encryption service, you can take the Paubox encrypted contact form one step further by directly replying to the contact form email in a secure, HIPAA compliant manner.
You can see a visual confirmation of this process at the footer of every Paubox email. The footer reads, “This incoming email was seamlessly encrypted by Paubox.”
Paubox Email Suite takes care of in-transit encryption at no extra cost. And just like our encrypted contact form, it’s very easy to use.
A Paubox encrypted contact form on your website will show your patients that you are taking their privacy and security seriously by allowing them to contact your organization in a secure, HIPAA compliant manner.