We recently got an inquiry from a prospect about using Cox email for HIPAA compliance.
In previous posts, we’ve covered email providers and their capabilities for HIPAA compliance:
We know the HIPAA industry is vast so we can empathize with just how many people need to use HIPAA compliant email services in this sector.
The purpose of this post is to determine if Cox offers HIPAA compliant email or not.
SEE ALSO: HIPAA Breaches and Cloud Providers
Cox Communications is an American privately owned subsidiary of Cox Enterprises. The company provides digital cable television, telecommunications and Home Automation services. It was founded in 1962.
Cox and the Business Associate Agreement
We’ve previously talked about how a Business Associate Agreement (BAA) is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance to ensure security and privacy.
We checked the Cox website and found a datasheet called General Terms.
On pages 9-10, we found a section called:
B16. Protected Health Information.
Neither Cox email service nor Cox Online Backup is appropriate for the sending or storage of protected health information, unless encrypted by Customer. Do not use these services to send or store “protected health information,” as defined in the HIPAA regulations. Customer will defend, indemnify, and hold harmless Cox for any third party claims, including claims from Customer’s patients or the Department of Health and Human Services, or any other regulatory agency or person, that arise from Customer’s use of Cox services in violation of the HIPAA regulations.
We also saw found an updated version (21 July 2017) of the Datasheet here.
Does Cox Offer HIPAA Compliant Email Service?
The Business Associate Agreement is a key component to HIPAA compliance between a Covered Entity and a Business Associate.
Thanks to the Cox General Terms datasheet, we were able to quickly discover that Cox is not in the business of providing HIPAA compliant email service.
Conclusion: Cox does not offer HIPAA Compliant Email service.