Coral is a healthcare IT company with a platform that directly connects health plans and providers. Coral allows its users to manage the entire referral process from the first call of the patient to the last bill from the provider. Its nationwide system is used by self-insured employers who want bundled offerings and providers who want easy access and management for bundled cases. Coral has 60 remote employees and works with more than 1,000 provider offices across the country.
A key part of Coral’s platform is sending transactional email notifications to its users, whether providers, employers, or patients. Its messaging platform must be HIPAA compliant and guarantee that every automated notification is secure and encrypted.
At the same time, Coral’s team sends thousands of emails a month outside of its secure platform, some of which may include protected health information (PHI).
Company snapshot |
|
Industry |
Healthcare IT |
Use case |
Securing PHI both inside and outside Coral’s platform |
Goals |
|
Used solution |
Paubox Email API |
Favorite features |
|
Email notifications are a vital part of Coral’s platform – they alert customers whenever they have a new Coral message, prompting them to check the system. However, before Paubox, in order to remain HIPAA compliant those automated notifications were not as helpful to customers as they could be.
“Within our system, we used very vague language in our notifications, so that we didn’t violate HIPAA,” said Morgan Smith, Coral’s head of product development.
While this approach was in compliance with regulations, it missed an opportunity to provide excellent service to Coral’s customers. For example, a provider might get a notification that reads, “You have a new message in Coral.” There is no way for the provider to know if the message is important, urgent, or neither. The provider has to go to the trouble of logging in to find out. Over time, Coral users might be less engaged with the platform as a result.
Email security also presented a roadblock as Coral sought to add new features to its platform. For example, Coral is launching a new feature that creates healthcare vouchers and sends them to patients. However, without encryption, those emails would constitute a HIPAA violation.
Coral’s team first learned about Paubox when a customer sent them an email secured by Paubox. “Ever since we started getting a high volume of customers, we’ve used Paubox to secure everything. It was love at first email footer,” Smith quipped.
Paubox’s seamless, behind-the-scenes email encryption secures every email automatically, with no extra steps for senders or recipients to take. Unlike cumbersome portal-based email encryption solutions, Paubox doesn’t add time or complexity for users. And unlike keyword-based solutions, Paubox doesn’t depend on senders remembering to encrypt specific messages – which can lead to lapses in HIPAA compliance. Paubox Email API is HITRUST CSF certified, meeting the industry’s highest email security and HIPAA compliance standards.
With Paubox Email API, developers can add Paubox’s amazing technology to their own healthcare IT solutions. Coral uses the API to bring Paubox’s HIPAA compliant email infrastructure to Coral’s messaging platform. That way, Coral can add more information into the notifications it sends customers. “Using Paubox Email API for our system notifications saves our customers time, saves them trouble, and gives them more information,” Smith said.
In the past year, Paubox has encrypted nearly 500,000 emails for Coral, including outbound notifications sent through the Coral platform and emails sent directly from 46 Coral team member accounts. “Paubox protects everyone from themselves in a great way. The peace of mind that we get from knowing that everything we send is encrypted frees everyone at Coral up to focus on their work instead of focusing on compliance,” Smith noted.
The time savings – both for Coral’s employees and for its customers – has been tremendous. “Using Paubox doesn’t add anything to our workload. Rather, it reduces the mental burden of focusing on email encryption and HIPAA compliance,” Smith said. “Paubox is a guardian angel protecting the Coral team.”