Tag Archives: ePHI

HIPAA INFORMATION AND EMAIL – HOW TO COMPLY

by Tod Ferran, CISSP, QSA According to HHS, β€œthe Security Rule does not expressly prohibit the use of email for sending e-PHI. However, the standards for access control, integrity and transmission security require covered entities to implement policies and procedures to restrict access to, protect the integrity of, and guard against unauthorized access to e-PHI.”