Email is a routine and essential part of communication in healthcare—even when communicating PHI. But setting and enforcing HIPAA-compliant email policies continues to be tricky for many organizations.
Too often, organizations fall for common HIPAA myths and erroneously incorporate them into otherwise sound, good-faith compliance efforts. That can lead to wasted time and resources, duplicative work, or even outright noncompliance.
