Is PlanPlus Online HIPAA compliant?

Featured image

Share this article

Paubox blog - Is PlanPlus Online HIPAA compliant?

PlanPlus Online is a cloud-based customer relationship management (CRM) platform that offers a combination of sales, marketing, and collaboration features to help businesses centralize contacts, prioritize the right tasks, and boost overall productivity.

While CRMs can be a valuable way to strengthen operations, it is crucial for covered entities to make HIPAA compliance a priority.

Let’s find out if PlanPlus Online meets these important security standards.

SEE ALSO: HIPAA compliant email

PlanPlus Online and business associate agreements

Third-party vendors that store, access, or send protected health information (PHI) are considered business associates.

When covered entities work with business associates, a business associate agreement (BAA) must be signed by both parties. This is a written document that outlines the responsibilities of the business associate to keep PHI secure. Without a signed BAA, the vendor cannot be considered HIPAA compliant.

PlanPlus Online’s HIPAA compliance policy states that the company agrees to provide services that may involve the “creation, receipt, maintenance, or transmission of PHI” and “a full BAA documentation is available for any customer” through its sales representatives.

PlanPlus Online and data security

Beyond the BAA, data protection is another key element of HIPAA compliance. Therefore, covered entities should evaluate the specific protocols that a vendor has in place to keep PHI secure.

According to the company’s website, PlanPlus Online’s robust application security model prevents customers from accessing each other’s information and all data is automatically backed up on a nightly basis. The company also uses a minimal number of controlled access points to all production servers, hardens systems by removing unnecessary users and processes, and protects the network with multiple firewalls and intrusion detection tools.

PlanPlus Online additionally encrypts each user’s login information, noting that “customers must accept shared responsibility for keeping passwords and authentication to individual accounts.” The company’s end user agreement reiterates that customers are fully liable for “all activities that occur under the password.”

Other internal safeguards include network address translation, port redirection, and non-routable IP addressing schemes, but it is up to the customer to “set up their permissions within their own account.”

Is PlanPlus Online HIPAA compliant? 

Yes, PlanPlus Online can be made HIPAA compliant with a signed BAA. However, it is the covered entity’s responsibility to ensure that all additional configurations are made to minimize risks and maintain security standards.

Step up your protection 

Although PlanPlus Online may be built to meet HIPAA requirements, healthcare providers should be taking extra steps to proactively safeguard PHI with better email security.

Designed to seamlessly integrate with your existing email platform such as Google Workspace or Microsoft 365, Paubox Email Suite enables HIPAA compliant email by default and automatically encrypts every outbound message. This means you don’t have to spend time deciding which emails to encrypt and your patients can receive your messages right in their inbox without having to navigate any additional passwords or portals.

Paubox Email Suite’s Plus and Premium plan levels also come with innovative inbound email security tools that provide an additional layer of protection from potential threats. Our patent-pending Zero Trust Email feature uses email AI to confirm an email’s legitimacy, while ExecProtect works quickly to intercept display name spoofing attempts.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Sara Uzer

Read more by Sara Uzer

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022