Health information is some of the most sensitive data stored in electronic systems. No one wants their personal health information made public, and organizations that fail to protect that information are subject to penalties ranging from hefty fines to criminal charges.

Additionally, while the HIPAA Privacy Rule protects Protected Health Information (PHI), the HIPAA Security Rule protects an additional subset of information covered by the Privacy Rule, including individually identifiable health information a covered entity creates, receives, maintains, or transmits in electronic form. This information is called electronic protected health information, or e-PHI. The Security Rule does not apply to PHI transmitted orally or in writing.

This smaller group of HIPAA laws requires that all businesses ensure the privacy, integrity, and accessibility of all e-PHI; identify and protect against anticipated threats to the security of information; protect against anticipated un-allowed uses or disclosures that are not allowed by the rule; and certify workplace compliance.

When considering mailing solutions, standard mail should never be used to send sensitive information, but documents sent through first class mail do meet HIPAA requirements. Some sensitive mailings should be sent by certified mail, which means the intended recipient needs to sign for it, and also provides proof that the mail was delivered and verifies when it was received. Sending protected health information electronically would appear to be an easy solution—data can be delivered in seconds without printing. However, encryption standards make the rules for emailing protected information are a little more complicated. Popular email systems like Gmail, Microsoft Exchange, and Outlook use SSL or TLS encryption protection, meaning the information is disguised so an unauthorized person cannot read it. However, SSL and TLS alone do not provide enough protection to meet HIPAA requirements.

FP partners with FlexSystems, a leading provider of mail and print solutions, providing solutions to meet the requirements of companies producing or processing mail that contains sensitive, private health information (PHI) using any type of database, printer, or inserter. FlexSystems document handling solution, FlexStream can handle mailings with sensitive or confidential health information by offering the ability to track electronic documents across a HIPAA-compliant secure link. FlexStream even allows users to add scancodes (OMR, 1D or 2D BCR) to documents which can be read by folder inserters to ensure all of the mail pieces are going to the correct recipient in the correct envelope.

FlexStream is deployed as a public SaaS solution using the SSL Post service, a sophisticated system of processes for secure and tracked email, to deliver electronic mail in a highly secure environment while ensuring end-to-end encryption and maximum security. In addition to offering privacy protection, FlexStream significantly reduces costs by saving printing, material, and postage. No investment in email infrastructure is required, and no email server is needed. Additionally, there is no special setup. FlexStream is available in several languages and is easy to use because the intuitive user interface incorporates ribbons, tooltips, context sensitive help, and wizards that guide users through more complex tasks. Because of its similarity to the latest Microsoft Office, it is easy to understand FlexStream’s user interface and operation—no need for IT specialists and peace of mind that all data remains secure.