Is Sendoso HIPAA compliant?

Sendoso logo

HIPAA (the Health Insurance Portability and Accountability Act of 1996) is U.S. legislation created to improve healthcare standards.

Covered entities and their business associates must be HIPAA compliant to protect the rights and privacy of patients and their protected health information (PHI).

We know the HIPAA industry is vast and that it is important to easily communicate while remaining HIPAA compliant.

SEE ALSO: HIPAA compliant email

This is especially true with the recent move toward remote working and the increase in cyberattacks against healthcare.

Today, we will determine if Sendoso is HIPAA compliant or not.

About Sendoso

Founded in 2016, Sendoso is a sending platform that delivers automated direct mail and email. The idea is to program and control mail just like email and find a way to combine both with an existing marketing approach.

RELATED: Social media and email marketing for healthcare: a virtuous circle

The platform can integrate with ActiveCampaign, Hubspot, Salesforce, Amazon, and more.

SEE ALSO: How to make Salesforce emails HIPAA compliant

Sendoso and the business associate agreement

A major part of HIPAA compliance is ensuring a business associate will sign a business associate agreement (BAA). A business associate is a person or entity that performs certain functions or activities that involves the use or disclosure of PHI.

In this instance, Sendoso is a business associate of a healthcare organization if it accesses any electronic PHI (ePHI), like an address.

RELATED: Is a name PHI?

Generally, the HIPAA Privacy Rule allows healthcare providers to disclose PHI if they receive assurance that the information is protected through a signed BAA.

There is no mention of HIPAA or a BAA on the Sendoso website.

Sendoso and HIPAA direct mail marketing

The HIPAA Privacy Rule defines marketing as “a communication about a product or service that encourages recipients of the communication to purchase or use the product or service.”

RELATEDHIPAA definition of marketing explained

HIPAA compliance for marketing concerns both stored and transmitted information.

According to Sendoso’s security web page, all Sendoso communications are encrypted in transit and at rest. Furthermore, Sendoso utilizes the cloud computing platform Amazon AWS, which provides customers extra network and server security.

SEE ALSO: How and why to transition your healthcare business to the cloud

According to the web page, this means that Sendoso is SOC (System and Organization Controls) 1, 2, and 3 compliant.

Finally, Sendoso’s Privacy Policy states that the platform “will not share personal information . . . with any third parties without your consent.” Data (e.g., PHI) is kept secure from outside access.

Is Sendoso HIPAA compliant?

The BAA is a key component of HIPAA compliance and though Sendoso utilizes strong cybersecurity measures, there is no mention of a BAA.

Conclusion

Sendoso is not HIPAA compliant.

HIPAA compliant email marketing

Healthcare providers know that clear and efficient communication with patients is a key component of running their practice. Email marketing can be a compliment or replacement to direct mail marketing to promote your business.

Paubox Marketing sends healthcare marketing emails directly to your patients’ inboxes. This increases patient activation and keeps patients engaged with their healthcare treatment.

Paubox Marketing allows you to securely communicate with patients about:

  • Appointment reminders
  • Patient feedback
  • Treatment information
  • And many more uses

SEE ALSO: Why Paubox Marketing is the best HIPAA email marketing solution available

Paubox is dedicated to providing the highest quality of security to healthcare providers. Our products are HITRUST CSF certified which means we have met key regulatory requirements and industry-defined requirements and are appropriately managing risk.

Try Paubox Marketing for free and make your email marketing HIPAA compliant today.

About the author

Kapua Iao

Read more by Kapua Iao

Get started with
end-to-end protection

Bolster your organization's security with state-of-the-art email encryption and inbound email security.

Highest rated HIPAA compliant messaging solution on G2

EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader
SecureEmailGateway BestSupport Mid Market QualityOfSupport
EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader
SecureEmailGateway BestSupport Mid Market QualityOfSupport