For companies in the healthcare industry, ensuring that the email communication being used within your organization is HIPAA compliant is absolutely essential to the protection and confidentiality of patient healthcare information.
Not to mention, HIPAA compliant email is required by law for all healthcare organizations, including healthcare providers as well as insurance companies.
But, just what is HIPAA and how can you make sure that your email is HIPAA compliant? These are the questions addressed in this article.
In addition, this post also provides step-by-step instructions to make your email HIPAA compliant using Microsoft 365 Outlook email.
After this is done, jump to these steps to add the HIPAA compliant email Add-In and complete your HIPAA compliant email set up. Or, simply call (480) 624-2500 and we’ll help you get set up after signing up for the Microsoft 365 Business Professional email package.
HIPAA, or The Health Insurance Portability and Accountability Act of 1996, is a federal US healthcare law that establishes national standards and requirements to protect sensitive patient personal health information from being disclosed to anyone without their knowledge or consent.
These requirements set standards for the use and disclosure of sensitive patient health information, as well as for the strict safeguarding of personally identifiable information by companies in the healthcare and health insurance industries.
The HIPAA Privacy Rule and HIPAA Security Rule require covered entities, such as medical practices, to obtain written assurances that their business and/or associates will safeguard electronic Protected Health Information (PHI) appropriately. If a medical practice, hospital or other healthcare-related business does not comply with the rules, the result may be civil and/or criminal penalties.
HIPAA compliant email is email that adheres to The HIPAA Privacy Rule and HIPAA Security Rule requirements by using end-to-end encryption in order to properly protect personal health information, or PHI, that is transmitted electronically.
Microsoft has added safeguards that are required by HIPAA for various Microsoft 365 services. These safeguards are in place for services including Office Online, Exchange Online, in addition to SharePoint Online and OneDrive for Business. View more on Microsoft and HIPAA and the HITECH Act.
When using Microsoft 365 Business Premium, an optional privacy and security contractual supplement called a HIPAA business associate agreement (or BAA) is also offered to help Microsoft 365 customers meet the requirements for HIPAA compliant email.
Now that we have that covered, the following section goes into more detailed steps on how to make your email HIPAA compliant.
Note: These steps assume you have already signed up for a Microsoft 365 Business Premium email subscription plan with GoDaddy. If you have not already done so, you may sign up for a subscription here.
Time needed: 5 minutes
How to make your email HIPAA compliant
Using your Microsoft 365 email address and password, start by signing into your account from the Office 365 sign in page.
Once logged into your Microsoft 365 account, you will be able to access your Email & Office dashboard. Click on the menu icon in the top left and select Add-Ins from the drop-down menu that displays.
After selecting Add-Ins, you will be shown different Add-In options to choose from. You’re looking for the HIPAA compliant email Add-In option. Next to HIPAA compliant email, choose Get started.
After selecting Get Started, you will then be presented with a checkbox that states, I agree to the Microsoft 365 HIPAA Business Associate Agreement. Go ahead and select the checkbox to agree to the BAA.
After agreeing to the Business Associate Agreement (BAA), you will then be asked to enter your contact details. Go ahead and add in your contact details as Microsoft will require these so that they can contact all customers in the highly unlikely instance of a data breach.
After adding in contact details, the last step is to go ahead and choose to Accept & Send. And that’s it. After completing this step, the email accounts you create under the current email plan will now automatically be HIPAA compliant.
If you followed these steps, you’re all set. Congratulations!
However, if you got stuck anywhere along the way or have additional questions, not to worry. We want to answer your questions and are here to help you get set up correctly.
So, take a moment to review the following FAQs and feel free to get in touch if you need to.
To get started with HIPAA compliant email, the first step is to sign up for a Microsoft 365 Business Premium plan. After you sign up for an email account with Business Premium, you can then purchase HIPAA compliant email as an add-on. Any other email accounts that are on the same plan do not need to have their own Business Premium account in order to be in compliance.
After you’ve purchased and set up your Microsoft 365 email, you may then complete the activation of your HIPAA compliant email.
No, there is no noticeable difference after activating your HIPAA compliant email. Everything about your email will still function and work the same as before. The only difference now is that the necessary security features are at work behind the scenes.
No problem. In fact, this is quite often the case. Your healthcare organization only needs one Business Premium email subscription to make all other email address accounts compliant. The account holder of the Business Premium subscription will usually be an administrator.
There is no need to buy a Business Premium subscription for every person who needs an email address. As long as every email that needs to be compliant is added under the Business Premium subscription, all email address accounts will be HIPAA compliant.
The short answer is no, not automatically. A business associate agreement, or BAA, brings your organization one step closer to becoming compliant. Having HIPAA compliant email is only one requirement of being HIPAA compliant; there are several other requirements that organizations must adhere to in order to be in complete compliance.
Regulations and requirements can often change in a very short amount of time. For this reason, it is recommended to use Microsoft Compliance Manager in order to stay up to date on the status of your organization’s email compliance.
With Microsoft 365 Business Premium, users have access to Microsoft Compliance Manager from the Email & Office dashboard. Compliance Manager is a useful tool that shows your organization’s current compliance score and helps you identify what needs attention. Compliance Manager will even guide you on key actions that may help improve your score.
See how Compliance Manager can help simplify the way your organization manages compliance in this short video.
Our support guides are ready to help. If you have any questions or even want us to help you with the setup of your email, expert guides can be reached by calling (480) 624-2500 to offer the assistance you need 24/7.
You can also visit our Microsoft 365 Help Center for additional articles and instruction related to Office 365 email.