Paubox blog: HIPAA compliant email made easy

Is Setmore HIPAA compliant?

Written by Sara Nguyen | April 20, 2021

One challenge that healthcare organizations face is the ability for patients to book appointments in a HIPAA compliant manner. Online scheduling software doesn't always meet HIPAA security requirements, which is vital for healthcare organizations.  Let's review Setmore to see if it is an option for covered entities.

 

What is Setmore?

 

Setmore is scheduling software designed for multiple industries. However, Setmore Health is specifically meant for healthcare organizations and their unique security needs for scheduling software.

 

Setmore and the business associate agreement

 

One of the key requirements in choosing online scheduling software is whether or not the company will sign a business associate agreement ( BAA ). Third-party vendors that could have access to protected health information ( PHI ) are referred to as business associates and need to comply with HIPAA security rules. A BAA ensures that business associates are protecting PHI from unauthorized users. Covered entities should only partner with vendors that are willing to sign a BAA. Setmore Health is one of those options. As part of the account set-up process, the company provides a standard BAA that discusses how data is used with a Setmore Health account.

 

Setmore and data security

 

Setmore Health has enhanced security features. Data is stored via an API with built-in encryption and authentication layers. It also lets you restrict features that could potentially expose PHI if used incorrectly.

Some of these configurations include:

  • Restricted phone app access: Users only have full access using the web app. Access from phone apps will be limited.
  • No class features: You will not be able to create classes or sessions with Setmore Health.
  • Disabling customer reviews: The customer review feature lets people leave reviews, but it is deactivated with Setmore Health.
  • Simplified notifications: Patients and staff receive shortened notifications that don't contain PHI.
  • Cancel/reschedule notifications turned off: Covered entities cannot to send notifications for patients to cancel or reschedule appointments.

 

While Setmore does have security features for HIPAA compliance, it's up to covered entities to review and configure Setmore to meet their needs.

 

Is Setmore HIPAA compliant?

 

Yes, Setmore can be HIPAA compliant. You will need to create a Setmore Health account to receive a BAA and access the enhanced security features.

 

Is it time to upgrade your email security?

 

Setmore encourages covered entities to review all third-party software to ensure that it's also HIPAA compliant. So are you sending HIPAA compliant email?

Paubox Email Suite Plus may just be the email security solution that your healthcare organization needs.  It seamlessly integrates with your current email provider, including Google Workspace and Microsoft 365. Your employees can send encrypted emails directly to a patient's inbox. Say goodbye to client portals and forgotten passwords. SEE ALSO: Why Email Is Better than Patient Portals It also includes our patented ExecProtect feature to protect you from display name spoofing emails and stops threats like spam, malware, viruses, and phishing emails from entering a user's inbox.

 

Try Paubox Email Suite for FREE today.