The HIPAA Privacy Rule requires that healthcare organizations limit the use of identifiable health information to only those individuals who need access to it. This means that any patient's private medical data, including social security numbers, cannot be shared without the patient's permission.
Under HIPAA, all healthcare entities, including insurers, doctors, and medical facilities, are required to be HIPAA compliant. These organizations must protect the privacy of PHI and send medical information only through HIPAA-compliant mailing services.
There are two main types of HIPAA-compliant mailing services: Certified Mail and First-Class Mail. Both can provide assurance that the recipient received the document and ensure that it arrives safely and on time.
A certified mail service guarantees that a medical record will be delivered and can verify that the mail arrived on time. If a recipient requests confidentiality, the letter must be sent in a closed envelope.
Healthcare providers can also send medical documents through other carriers. However, there are some exceptions to the HIPAA rules. For example, an organization that provides faxing or emailing services does not fall under the scope of the rule.
To be HIPAA-compliant, a provider must select a print and mail partner that has a robust privacy program. Additionally, providers must sign a business associate agreement with the printing and mail service. They can also sign a BAA with an email or faxing vendor.
When sending PHI, healthcare organizations must use first-class mail and certified mailings. In addition to ensuring that the information arrives on time, certified mail has other benefits.