Is L-Soft HIPAA Compliant?
by Chloe Bowen
We’ve been getting asked by customers and prospects about L-Soft and whether or not they can use it in a HIPAA compliant manner.
We know the HIPAA industry is vast so we can empathize with just how many people need to use cloud-based services in this sector.
Today we will determine if LISTSERV Maestro offers HIPAA compliant email for marketing or not.
L-Soft offers a number of email marketing products, including email marketing software, email list software, as well as email hosting software.
Its list management tools allow users to connect people with newsletters, email groups, forums, and blogs. Its email marketing products engage subscribers with targeted opt-in email marketing campaigns.
L-Soft and the business associate agreement
I looked deep into the Internet to find evidence whether or not L-Soft will sign a BAA, but I found no mention of it anywhere. I also found no mention of L-Soft working with healthcare providers, or whether or not the company offers HIPAA compliant services.
I even emailed the company asking about signing a BAA, but the company never responded to me.
L-Soft and data security
I also couldn’t find much about L-Soft’s treatment of protected health information (PHI) either. All I could find is some policy’s regarding personally identifiable information (PII), which is not the same thing.
PII is is a general term referring to ANY sensitive data used to identify, contact, or locate a specific individual. It is not a term specific to HIPAA regulations.
PHI on the other hand is defined by HIPAA as any information that can identify a patient that is used or disclosed during the course of care.
But for HIPAA compliance purposes, this doesn’t tell us much.
I couldn’t find anything online about L-Soft’s encryption policy either, and since its own website doesn’t have SSL encryption enabled, that doesn’t bode well.
Is L-Soft HIPAA compliant?
The business associate agreement is a key component to HIPAA compliance, as is protecting PHI. I found no evidence of either with L-Soft.
L-Soft is not a HIPAA compliant email marketing solution.
HIPAA email marketing tools comparison
To meet the unmet need for HIPAA compliant email marketing, we created Paubox Marketing. It is the only solution that will:
- Sign a BAA
- Provide military-grade encryption
- Allow you to include PHI in your marketing emails
- Allow patients to read your emails directly from their inbox with no extra steps
In addition, Paubox Marketing is HITRUST CSF certified.
Compared to the standard marketing tools, Paubox Marketing is the best option for maintaining HIPAA compliance while harnessing the power of personalized email marketing.
|Company||Will they sign a BAA?||Can you send PHI?|
|Blue Orchid Marketing||NO||NO|
|Mad Mimi (GoDaddy)||NO||NO|
|Infusionsoft by Keap||YES||NO|
|Salesforce Marketing Cloud||YES||NO|
|Eloqua (Oracle)||YES||YES **|
(** To use Oracle Eloqua in a HIPAA compliant manner, recipients receive two emails for every message you send. Patients must also log into a secure message center to view your message—it does not appear in their inboxes. This creates friction and makes it less likely that your patients will read your marketing email.)