Is Lob HIPAA compliant?

Featured image

Share this article

Lob logo

HIPAA (the Health Insurance Portability and Accountability Act of 1996) is U.S. legislation created to improve healthcare standards.

Covered entities and their business associates must be HIPAA compliant to protect the rights and privacy of patients and their protected health information (PHI).

We know the HIPAA industry is vast and that it is important to easily communicate while remaining HIPAA compliant.

SEE ALSO: HIPAA compliant email

This is especially true with the recent move toward remote working and the increase in cyberattacks against healthcare.

Today, we will determine if Lob is HIPAA compliant or not.

About Lob

Launched in 2015, Lob automates and simplifies direct mail marketing and address verification. The idea is to program and control mail just like email.

RELATED: Social media and email marketing for healthcare: a virtuous circle

This includes sending postcards, self-mailers, letters, and checks to partners and patients alike.

Lob uses cloud software and APIs to help organizations send smarter, faster, and safer mail worldwide, saving time and money in the process. Mail is automatically tracked from production to delivery to meet various compliance requirements and to provide a tracking method for mail campaign performances.

Lob and the business associate agreement

A major part of HIPAA compliance is ensuring a business associate will sign a business associate agreement (BAA). A business associate is a person or entity that performs certain functions or activities that involves the use or disclosure of PHI.

In this instance, Lob is a business associate of a healthcare organization if it accesses any electronic PHI (ePHI), like an address.

RELATED: Is a name PHI?

Generally, the HIPAA Privacy Rule allows healthcare providers to disclose PHI if they receive assurance that the information is protected through a signed BAA.

Lob has a web page that addresses healthcare and states that the company is HIPAA compliant for its Enterprise customers. According to Support, customers need to contact sales to get a BAA.

Lob and HIPAA direct mail marketing

The HIPAA Privacy Rule defines marketing as “a communication about a product or service that encourages recipients of the communication to purchase or use the product or service.” HIPAA compliance for marketing concerns both stored and transmitted information.

RELATEDHIPAA definition of marketing explained

On its healthcare and security web pages, Lob stresses its HIPAA compliance and cybersecurity features from product to corporate level. First, Lob stores all data on the cloud to ensure security.

Second, the company undergoes a SOC (System and Organization Controls) 2 Type 2 and HIPAA audit annually. Furthermore, Lob employs encryption at rest and in transit, as well as endpoint security, to secure transactions.

Finally, technical access controls such as password security and privileged access management are available.

Is Lob HIPAA compliant?

The BAA is a key component of HIPAA compliance and Lob will sign a BAA for its Enterprise clients, asking healthcare organizations to contact sales to learn more.

Conclusion

Lob can be HIPAA compliant.

HIPAA compliant email marketing

Healthcare providers know that clear and efficient communication with patients is a key component of running their practice. Email marketing can be a compliment to direct mail marketing to promote your business.

Paubox Marketing sends healthcare marketing emails directly to your patients’ inboxes. This increases patient activation and keeps patients engaged with their healthcare treatment. 

Paubox Marketing allows you to securely communicate with patients about:

  • Appointment reminders
  • Patient feedback
  • Treatment information
  • And many more uses

SEE ALSO: Why Paubox Marketing is the best HIPAA email marketing solution available

Paubox is dedicated to providing the highest quality of security to healthcare providers. Our products are HITRUST CSF certified which means we have met key regulatory requirements and industry-defined requirements and are appropriately managing risk.

Try Paubox Marketing for free and make your email marketing HIPAA compliant today.
Author Photo

About the author

Kapua Iao

Read more by Kapua Iao

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022