The HHS HIPAA Breach Portal (also know as the Wall of Shame) covers all data breaches that affect 500 or more individuals. Data breaches happen frequently, and covered entities can't ignore the constant threat of cybercrimes. Email breaches are one of the most common attack vectors. From July to September 2021 alone, email accounted for 35% of data breaches. Many covered entities choose to use patient portals to solve the problem of being able to safely communicate with their patients. But patient portals aren't as secure as you think. HIPAA compliant email is a safer bet. We'll explain why below.
Patient portals aren't more secure than email
A few years ago, patient portals were pushed as a standard for email security. But they use the same encryption method as email, so covered entities aren't necessarily more secure. Read more: Email portals aren't the answer to secure email Patient portals instead introduce patient engagement problems. Patients aren't likely to use a patient portal. This causes disengagement that lowers the quality of patient care. Patients may be more likely to engage with their healthcare professionals if they received emails directly in their inboxes. Email with guaranteed encryption allows doctors and patients to communicate without risking HIPAA violations.
Patient portals aren't the only way to have HIPAA compliant communication
Encrypted emails are a more convenient way to discuss protected health information (PHI) compared to patient portals. But human error can still cause potential HIPAA violations. Some email security platforms need additional steps to encrypt emails like adding the word "Secure" into an email subject line. Employees can often forget this step and then accidentally send an unencrypted email. That's a HIPAA violation and could also lead to more disastrous results like a cybercriminal stealing PHI.
Read more: Why email is better than patient portals
That's why it's imperative that covered entities apply encryption security that is easy for their employees to use. Paubox Email Suite automatically encrypts all sent emails by default which avoids human error. It also seamlessly integrates into your current email provider like Google Workspace or Microsoft 365 , which means your employees don't need additional training to use it. Patients receive emails directly to the inbox, no password or portal required. Paubox is committed to making HIPAA compliant email easy and secure, which is why we received the HITRUST CSF certification for all our products . A business associate agreement (BAA) is included in all plans, so you can rest assured that Paubox is keeping your emails secure.
Try Paubox Email Suite for FREE today.
