HIPAA Compliant Printing and Mailing Service

View Pricing

Are you a business that requires your vendor to be HIPAA compliant? Any vendors with whom you share protected health information (PHI)–such as patients’ medical data, dates of birth, names, addresses, social security numbers, or financial information are considered business associates under HIPAA regulation. PostalMethods is committed to assisting clients to comply with the HIPAA Regulations and ensuring that our services comply with each of the HIPAA regulation standards.

What Is HIPAA?

HIPAA is the US Health Insurance Portability and Accountability Act of 1996, which amends the Internal Revenue Service Code of 1986. The Administrative Simplification section of this act that has a pervasive effect on health plans, billing agencies, information systems vendors, and other providers. Within the provisions in this section, HIPAA requires improved efficiency in healthcare delivery by standardizing electronic data interchange (EDI) and protection of confidentiality and security of health data through setting and enforcing standards. More specifically HIPAA calls for:

  • Standardization of electronic patient health, administrative and financial data.
  • Unique health identifiers for individuals, employers, health plans and health care providers.
  • Security and Privacy standards protecting the confidentiality and integrity of “individually identifiable health information,” past, present or future, (e.g. Encryption of data during transmission, Authentication and Verification of the sender and receiver).

Who Is Affected by HIPAA?

The Act specifies the following as “covered entities”:

  • Health care providers
  • Health plan
  • Health care clearinghouses

Although PostalMethods does not fall into any of the above categories, as a provider of internet messaging services that handle patient data, HIPAA indirectly affects us. As a “business associate” of covered entities, our products must be able to HIPAA’s requirements. As an organization, our own security measures must comply with the law since we have the capability of storing, accessing and transmitting patient information.

PostalMethods and HIPAA

PostalMethods is fully committed to complying with the regulations and ensuring that our services are HIPAA compliant. Should you wish for more information or clarification on any HIPAA related issues that involve PostalMethods, please do not hesitate to contact customer support.

Patient Confidentiality and Security Measures

PostalMethods recognizes that the security of personal medical record information is of great concern to both patients and providers in the health care industry. To address these concerns, PostalMethods implements 3 levels of security to messages sent through our systems:

  1. Technical
  2. Physical
  3. Procedural

Technical

The PostalMethods system provides a full audit trail of messages submitted and sent through the system. This information is visible online and optionally in confirmations returned to the sender of a message.

PostalMethods accepts messages submitted to its systems in encrypted form, whether by SSL or signed email (PKI).

PostalMethods does not enable its customer service staff access to viewing patient-identifying content, and deletes messages with patient-identifying content immediately after their completion, based on a user-level Enhanced Security setting.

PostalMethods uses security methods to determine the identity of its users and operators so that appropriate rights and restrictions can be enforced for that user. PostalMethods uses both password protection and usernames in its authentication process.

Physical

All PostalMethods servers are housed in secure environments, which can be accessed by approved personnel only.

Procedural

PostalMethods does not retain copies of messages containing patient health information. This is achieved by requiring clients who are covered entities to apply the following measures as prerequisites for transmitting patient-identifying health information through our systems:

Use SSL to Send Messages to Postalmethods

PostalMethods enables SSL-secured communication to its Web Service servers via https://api.postalmethods.com, so that potentially patient-identifying information can be submitted securely for sending.

Use the Enhanced Security feature

This setting may be selected through your user security preferences. It is intended to keep patient-identifying information on our servers no longer than is necessary to send a message or to announce its failure (several minutes). When this feature is set, images of letters sent through the service, as well as precursor and temporary files, will immediately be deleted from our servers upon completion.

Avoid Placing Patient-Identifying Information into Any Data Fields

Verify that patient-identifying information is only present in the body of an outgoing letter. All other parts of a transaction are retained indefinitely for billing and archival purposes. Since PostalMethods does not address HIPAA requirements in the handling of its long-term archives, patient-identifying information must not reside anywhere except in the letter body itself.

Business Associate Agreement Available

At clients’ request, PostalMethods will agree to enter into a “Business Associate” contract, a sample of which can be viewed on the U.S. Department of Health & Human Services.

You can be sure with PostalMethods, that your information remains safe with our HIPAA compliant online mail service.

HIpaa Compliant

Call 833-403-1015 or Support@postalmethods.com

Send Letters
Securely + Reliably
Send letters securely and reliably from any business application. Use for invoices, quotes, and other important business communications. Enjoy special web-form to postal features and instant notifications.
Simple Process
Easy as 1-2-3
Experience the ease of our streamlined process - developed for efficiency! You submit your document by email or API. We automatically print, collate, insert, and stamp your letter. Your letter is delivered via standard postal service.
Pay As You Go
No Fuss. No Obligations.
Register for free with no obligations! Evaluate the service as long as you need. Once you are ready, set up our user-friendly pay-as-you option to use our service. No fuss. No on-going commitment. Just plain easy!