While it's possible to have a HIPAA compliant WordPress website , covered entities need to take precautions on the plug-ins they use. It's essential to only install plug-ins that are trustworthy and meet HIPAA guidelines.
What is Revive Old Post?
Revive Old Post is a WordPress plug-in that automatically posts content from a website to social media networks like Facebook , Twitter, and more.
Read more: Social media for healthcare professionals - what to watch for
Revive Old Post and business associate agreements
Covered entities need to sign a business associate agreement (BAA) with third-party vendors that handle protected health information (PHI) . The BAA is a written contract that outlines the duties and responsibilities of business associates in safeguarding PHI. Revive Old Post makes no mention of a willingness to sign a BAA on its website.
Revive Old Post and data security
Data needs to be safeguarded in order to stay in compliance with HIPAA security standards. Revive Old Post doesn't say on its website that it has the necessary safeguards to protect PHI. Revive Old Post does protect visitor information with malware scanning and encryption via SSL technology. However, per its privacy policy, " We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential." In other words, with advance notice, Revive Old Post may sell, trade or transfer PII to other parties, and it does not always notify customers when it shares data with website maintenance parters. This is a problem for healthcare providers indeed.
Is Revive Old Post HIPAA compliant?
No, Revive Old Post isn't HIPAA compliant. It does not appear to sign a BAA, and it might share your data.
Read more: Social media & HIPAA compliance: the ultimate guide
Communicate to your patients with HIPAA compliant email
While social media may be one way to communicate with your patients, covered entities also need to send HIPAA compliant email because it is critical to protecting patient data and your company’s network.
Paubox Email Suite Plus is the solution for your email security needs. It offers robust inbound security that stops threats from entering an employee's inboxes, including viruses , malware , and display name spoofing emails.
It also includes our latest security feature, Zero Trust Email , which is an additional layer of protection against phishing emails . Your employees will be able to use it easily since it seamlessly integrates with your current email provider such as Google Workspace or Microsoft 365, and your encrypted emails arrive directly to a patient's inbox. There's no need to complicate communication with patient portals anymore.
Try Paubox Email Suite for FREE today.
