Dedicated to providing the latest
HIPAA compliance news

Encrypted Email Archiving for PHI

Encrypted Email Archiving for PHI

Archiving Emails Containing PHI

Encrypted email archiving for PHI is not a requirement of the HIPAA Security Rule. However, due to the volume of space used to securely store emails containing PHI – and medical records attached to emails – for the stipulated retention period of six years, encrypted email archiving for PHI is a solution chosen by many healthcare organizations to free space within their internal servers.

A benefit of archiving emails containing PHI is that the indexing process saves time and money when healthcare organizations retrieve patient data, comply with e-discovery requests, or fulfil HIPAA audit obligations. However, as with all electronic communications containing PHI, safeguards still have to exist to prevent the unauthorized disclosure of PHI, and its improper alteration or deletion.

HIPAA Compliant Encrypted Email Archiving for PHI

Due to the space required to securely store six years of emails and their attachments, many healthcare organizations outsource the archiving of emails containing PHI to third party service providers. When evaluating potential service providers, HIPAA compliance is a key consideration. Service providers have to comply with the HIPAA Security and Privacy Rules in the same way as Business Associates.

Consequently, when archiving emails containing PHI, service providers have to ensure that PHI is encrypted when emails are being exported to their secure servers and during search and retrieval. Furthermore, the same access controls and audit controls as would be demanded within a healthcare organization must be implemented at server locations in order to ensure the integrity of PHI at all times.

Archiving Emails Containing PHI Can Prevent Malicious Data Breaches

Each year, the Ponemon Institutes conducts a survey on data privacy and security within the healthcare industry. In recent years, the survey has identified a growing trend of malicious data breaches attributable to dishonest or disgruntled employees accessing or disclosing PHI without authorization in order to sell the data on the black market.

The growing trend of malicious data breaches is a major concern for healthcare organizations. The black market value of PHI is considerably higher than stolen credit cards due to the recipients of the confidential data creating false identities, obtaining free medical treatment and committing insurance fraud. By archiving emails containing PHI, and allowing only authorized personnel access to the archived data, healthcare organizations can mitigate the risk of malicious data breaches.

Speak with TitanHQ about Encrypted Email Archiving for PHI

TitanHQ is leading software developer of security solutions for the healthcare industry. Our security software helps healthcare organizations with mitigating the threats from online infections, eliminating spam emails and, via our cloud-based ArcTitan email archiving solution, enable encrypted email archiving for PHI.

ArcTitan is a solution for archiving emails containing PHI that is easy to install and requires minimal maintenance overhead. The solution provides customizable role management option, straightforward active directory integration, automatic backup and a full reporting suite that allows for automated searches to be scheduled and delivered by email.

ArcTitan is a feature-rich solution for archiving emails containing PHI that allows authorized users to safely search emails and their attachments, and retrieve them from any location via an Outlook plug-in or browser-based portal. Other features of ArcTitan´s encrypted email archiving for PHI include:

ArcTitan is deployed on AWS to spare internal resources and reduce organization´s onsite data footprint while guaranteeing the same level of security as an on premise solution.

  • ArcTitan is a cloud-based solution, deployed on AWS to reduce an organization´s onsite data footprint.
  • The solution for archiving emails containing PHI is compatible with all major mail servers and email services.
  • ArcTitan can archive more than 200 emails a second and search more than 30 million emails a second.
  • Authorized users can search within all common attachment types and restore emails from the ArcTitan servers as required.
  • A single sign on option is available for Google, Windows, iMail and LDAP, with all passwords being hashed and encrypted for added security.
  • ArcTitan´s encrypted email archiving for PHI is scalable to more than 60,000 users, with full audit functionality to comply with access control requirements.