Encrypted Email Archiving for PHI

Encrypted Email Archiving for PHI

Archiving Emails Containing PHI

Encrypted email archiving for PHI is not a requirement of the HIPAA Security Rule. However, due to the volume of space used to securely store emails containing PHI – and medical records attached to emails – for the stipulated retention period of six years, encrypted email archiving for PHI is a solution chosen by many healthcare organizations to free space within their internal servers.

A benefit of archiving emails containing PHI is that the indexing process saves time and money when healthcare organizations retrieve patient data, comply with e-discovery requests, or fulfil HIPAA audit obligations. However, as with all electronic communications containing PHI, safeguards still have to exist to prevent the unauthorized disclosure of PHI, and its improper alteration or deletion.

HIPAA Compliant Encrypted Email Archiving for PHI

Due to the space required to securely store six years of emails and their attachments, many healthcare organizations outsource the archiving of emails containing PHI to third party service providers. When evaluating potential service providers, HIPAA compliance is a key consideration. Service providers have to comply with the HIPAA Security and Privacy Rules in the same way as Business Associates.

Consequently, when archiving emails containing PHI, service providers have to ensure that PHI is encrypted when emails are being exported to their secure servers and during search and retrieval. Furthermore, the same access controls and audit controls as would be demanded within a healthcare organization must be implemented at server locations in order to ensure the integrity of PHI at all times.

Archiving Emails Containing PHI Can Prevent Malicious Data Breaches

Each year, the Ponemon Institutes conducts a survey on data privacy and security within the healthcare industry. In recent years, the survey has identified a growing trend of malicious data breaches attributable to dishonest or disgruntled employees accessing or disclosing PHI without authorization in order to sell the data on the black market.

The growing trend of malicious data breaches is a major concern for healthcare organizations. The black market value of PHI is considerably higher than stolen credit cards due to the recipients of the confidential data creating false identities, obtaining free medical treatment and committing insurance fraud. By archiving emails containing PHI, and allowing only authorized personnel access to the archived data, healthcare organizations can mitigate the risk of malicious data breaches.

Speak with TitanHQ about Encrypted Email Archiving for PHI

TitanHQ is leading software developer of security solutions for the healthcare industry. Our security software helps healthcare organizations with mitigating the threats from online infections, eliminating spam emails and, via our cloud-based ArcTitan email archiving solution, enable encrypted email archiving for PHI.

ArcTitan is a solution for archiving emails containing PHI that is easy to install and requires minimal maintenance overhead. The solution provides customizable role management option, straightforward active directory integration, automatic backup and a full reporting suite that allows for automated searches to be scheduled and delivered by email.

ArcTitan is a feature-rich solution for archiving emails containing PHI that allows authorized users to safely search emails and their attachments, and retrieve them from any location via an Outlook plug-in or browser-based portal. Other features of ArcTitan´s encrypted email archiving for PHI include:

ArcTitan is deployed on AWS to spare internal resources and reduce organization´s onsite data footprint while guaranteeing the same level of security as an on premise solution.

  • ArcTitan is a cloud-based solution, deployed on AWS to reduce an organization´s onsite data footprint.
  • The solution for archiving emails containing PHI is compatible with all major mail servers and email services.
  • ArcTitan can archive more than 200 emails a second and search more than 30 million emails a second.
  • Authorized users can search within all common attachment types and restore emails from the ArcTitan servers as required.
  • A single sign on option is available for Google, Windows, iMail and LDAP, with all passwords being hashed and encrypted for added security.
  • ArcTitan´s encrypted email archiving for PHI is scalable to more than 60,000 users, with full audit functionality to comply with access control requirements.


Is there a minimum email retention period for emails under HIPAA?

HIPAA does not have a minimum retention period for emails, but there are requirements to retain certain HIPAA-related documentation for a minimum of 6 years from either the date of creation or the last effective date, whichever is later. Those requirements apply to electronic data, which includes email.

Can TitanHQ assist with email migration?

Many organizations use ArcTitan as part of the migration to new email services. TitanHQ’s experts can assist organizations with migrations of email accounts to the cloud and will advise if a cutover, staged, or hybrid migration is best suited to your organization’s needs.

How much storage space can be saved with an email archive?

Email archiving solutions deduplicate messages and compress them for long term storage, which can result in a saving of up to 80% of storage space, while also significantly easing the load on mail servers.

Will TitanHQ sign a business associate agreement covering ArcTitan?

Yes. ArcTitan supports HIPAA-compliance and includes all appropriate safeguards to comply with the HIPAA Security Rule. TitanHQ is willing to enter into business associate agreements with healthcare organizations.

How does TitanHQ charge for ArcTitan Email Archiving?

Like other software-as-a-service offerings, ArcTitan is charged as a subscription for a set period on aper user basis, but only for active mailboxes. Many email archiving solutions charge per mailbox, regardless of whether that mailbox is active, which can result in unnecessary spending over time, especially for businesses with a high staff turnover.

How much does ArcTitan email archiving cost?

ArcTitan is one of the lowest-cost cloud-based email archiving solutions, with pricing for a company with 250 users costing $2.80 per user, per month. There are discounts available for longer contract terms and the per user cost reduces considerably for higher numbers of users. Contact TitanHQ for a personalized quote.

Immediate Access

Privacy Policy