Paubox blog: HIPAA compliant email made easy

Paubox Weekly: HIPAA enforcement discretion for COVID-19 to expire May 11

Written by Dean Levitt | April 15, 2023

Hello world!

Today’s Paubox Weekly is 415 words - a 2 minute read.

Want to get this type of content delivered to your inbox every Friday? Subscribe to Paubox Weekly. 

 

1. HIPAA enforcement discretion for COVID-19 to expire midnight, May 11, 2023

 

 

The U.S. Department of Health and Human Services' Office for Civil Rights has announced the expiration of the COVID-19 related HIPAA Enforcement Discretion measures on May 11, 2023.

What they're saying: "OCR is continuing to support the use of telehealth after the public health emergency by providing a transition period for health," said Melanie Fontes.

The transition period ends in August

 

 

2. Telehealth HIPAA compliance after the COVID-19 exemption ends

 

 

The Telehealth HIPAA Enforcement Discretion allowed healthcare providers to use some products even if they didn't fully comply with HIPAA regulations. 

Why it matters Healthcare professionals must transition their telehealth services to fully compliant solutions.

Suggestions to transition into HIPAA compliance

 

 

3. Why Google Workspace and Microsoft 365 aren't enough for complete HIPAA compliance

 

 

These platforms do not guarantee complete protection for every email sent and received. 

Why it matters: If the recipient's server doesn't use TLS, the connection won't be secure, resulting in a potential HIPAA violation.

The email encryption gap

 

 

4. HHS seeks to strengthen HIPAA Privacy Rule for reproductive health care

 

 

On April 12, 2023, the HHS issued a Notice of Proposed Rulemaking to prohibit the disclosure of PHI in investigations related to legal reproductive health care.

In the know: The proposed rule changes would extend privacy protections to healthcare providers, insurers, patients, and others involved in reproductive health care. 

Heightened concerns about patient health information

 

 

5. PHI disclosures by business associates after the COVID-19 exemption ends

 

 

The Protected Health Information Disclosures by Business Associates allowed associates to share PHI with public health authorities without a proper BAA in place.

Key impacts: Both associates and covered entities must reevaluate their compliance with HIPAA regulations. 

The steps to take

 

 

Community links

  • Reproductive health data isn’t always protected under HIPAA. Link
  • Ethical email marketing for healthcare organizations. Link
  • How long should healthcare email newsletters be? Link
  • Understanding opt-in and HIPAA compliant email marketing. Link
  • Best Practices for securing medical IoT devices. Link

 

Good reads from around the web

  • Hackers claim vast access to Western Digital systems. Link
  • When healthcare is decided by algorithms, who wins? Link

  • Why don’t whales get cancer? Cracking one of medicine’s greatest mysteries. Link
  • Salesforce targets home health, prior authorizations. Link
  • Leading the charge: Developing your leadership voice in digital health. Link
  •  

Get featured on Paubox

Do you have strong opinions about the healthcare industry? Do you have ideas other healthcare professionals will find interesting?

Reach out and let's talk about it.