The U.S. Department of Health and Human Services defines a breach as an event that “compromises the security or privacy of the protected health information.” If you can prove that the breach was unlikely to have put PHI at risk, you may be able to keep it from becoming a violation.
To indicate that information wasn’t at risk, you’ll need to be able to show that you mitigated any damage. If your software caught the breach quickly and your personnel took action to protect your ePHI, for instance, you can use data logs to show that information was unlikely to have been compromised. Regardless of whether information was stolen, though, you’re required to notify the HHS Secretary of any breach. This notification must be made to the affected individuals, the HHS Secretary, and, when applicable, the media.
Data breaches are a bigger problem than ever. In fact, in the first quarter of 2020, 8.4 billion records were exposed, a 273 percent increase over the same quarter in 2019. Data breaches are often associated with servers and devices, but where HIPAA violations are concerned, email is the top threat vector. In 2019, 39 percent of all HIPAA violations were via email. HIPAA outlines very specific guidance when it comes to email, including:
Once you understand what a data breach is and what a HIPAA violation is, it’s important to take measures to keep them from happening. HIPAA compliant email, including encryption, protects your communications against a data breach. Whether you’re discussing medical information with patients or interacting with employees, you’ll be able to at least take some of the pressure off.
Data breaches are an ongoing problem for healthcare-related businesses, but with the right tools in place, you can protect your ePHI without restricting your communications. Paubox Email Suite provides HIPAA compliant, encrypted email by default to help your practice remain compliant and avoid data breaches. Paubox’s convenient solution integrates with both Google Workspace and Microsoft 365 to protect your messages with no extra action on your part. You won’t have to manually secure each message because all emails are encrypted by default. The recipient can read the encrypted messages directly from the inbox, with no passwords or portal logins required.