Paubox Weekly: Can Salesforce CRM be HIPAA compliant?

Hello world!

Today’s Paubox Weekly is 423 words - a 2 minute read.

Want to get this type of content delivered to your inbox every Friday? Subscribe to Paubox Weekly. 

1. Can Salesforce CRM be HIPAA compliant?

Thanks to Paubox, you can ensure that Salesforce CRM outgoing emails are encrypted and HIPAA compliant.

Why it matters: If your Salesforce CRM emails contain PHI, then they must be encrypted in transit to be HIPAA compliant.

A simple set up process

Did you know?

You can earn $250 for every organization you send our way. Here's how.

2. iHealth Solutions settles HIPAA investigation from the Office for Civil Rights

iHealth Solutions was recently investigated for violating HIPAA regulations. They agreed to pay $75,000 and implement a corrective action plan.

What happened: The breach was caused by a network server left unprotected in 2017 which left 267 individuals' information vulnerable at the time. 

A tight timeline to address issues

3. Palomar Health reveals data breach amid financial troubles

Palomar Health has filed a data breach with the California Attorney General’s Office, potentially affecting Palomar’s financial situation and affecting patients. 

What happened: A vendor, PharMerica notified Palomar that a third party accessed their systems and potentially obtained personal patient information. Money Message, a ransomware group, took credit for the attack 

Not the only issue Palomar Health is handling this year

4. Does HIPAA apply to incoming emails?

The recipient of an email containing PHI is not liable for encrypting the incoming email in transit.

The bottom line: If the recipient is a covered entity, they must still store the email in a HIPAA compliant manner and implement safeguards like access control and multi-factor authentication.

All emails with PHI are subject to HIPAA regulations

5. 24 State Attorney Generals sign letter in support of stronger HIPAA reproductive healthcare protections

Attorney Generals in 24 states released a letter in support of strengthening HIPAA privacy protections in reproductive healthcare.

Why it matters: By signing the letter, and offering further guidance, the attorney generals are signaling support and outlining their individual state efforts to protect individuals' reproductive healthcare privacy.

They also offered several recommendations

Community links

• Can Zendesk be HIPAA compliant? Link
• Guidelines for HIPAA compliant therapy patient referrals. Link
• Protecting reproductive health information. Link
• How to know if you’re a business associate. Link
• How dentists can innovate with ChatGPT. Link
• The 12 steps to HIPAA compliance. Link

Good reads from around the web

• Is AI Development "Research" Under HIPAA? Link
• Sleep Divorce: Do people really sleep better if they're not sharing a bed? Link
• Cybersecurity is the healthcare your organization needs. Link
• FTC prepares “the big one,” a major lawsuit targeting Amazon’s core business. Link
• Healthcare organizations increase IT budgets as cybersecurity concerns rise. Link