How to Ensure HIPAA-Compliant Messaging
When chief information officers (CIOs) introduce HIPAA-compliant messaging apps into their organization, they must maintain reasonable and appropriate administrative, technical and physical safeguards in protecting electronic protected health information (e-PHI).
The Department of Health and Human Services states that organizations must:
- Ensure the confidentiality, integrity and availability of all electronic protected health information which is created, received, maintained or transmitted.
- Protect against any reasonably anticipated threats or hazards to the security or integrity of this information.
- Protect against any reasonably anticipated uses or disclosures of patient information.
- Ensure compliance by users of the information.