Getting Started with HIPAA: What you need to know
What is G Suite?
G Suite is a suite of services offered by Google (such as Gmail, Docs, Calendar, Forms, and more) adapted for businesses. In addition, G Suite is a preferred solution for transmitting protected health information (PHI) for private practices. This is especially useful for therapists in private practice who intend to use email to contact clients.
How does it work?
Google works to keep users’ data secure in the cloud in a reliable, compliant way. The combination of security and privacy leads to a strong ecosystem that keeps your information safe. For customers who are subject to the requirements of the Health Insurance Portability and Accountability Act (known as HIPAA, as amended, including by the Health Information Technology for Economic and Clinical Health, or HITECH, Act), G Suite supports HIPAA compliance. Under HIPAA, certain information about a person’s health or health care services is classified as Protected Health Information (PHI). Our services help you configure specific privacy and advertising settings in G Suite to make the process of adopting G Suite and HIPAA compliant email easy!
How to configure your email in G Suite to be HIPAA Compliant
The first thing we assist clients with is configuring G Suite for the BAA. ALL clients must sign a BAA with their email service providers to be HIPAA compliant. In the case of G Suite, you as the healthcare provider must enter a BAA contract with Google in order for the platform to be considered HIPAA-Secure, and we make that process easy! Here are the steps:
- Choose a G Suite package. Basic starts at about $6 per month for one seat (1 user/unique email).
- Once you pick the best option for your practice, set up an account, and be sure to get a custom domain for a professional email! You should not be using an @gmail.com email for professional communication or for anything dealing with Protected Health Information (PHI).
- Continue with the Setup Process. I’ve linked below to a page that walks you through linking your G Suite to your website. I highly encourage setting this up early on so you can have an account that ends with your name.
- Sign into Google Admin Console at admin.google.com
- Click “Company Profile”
- Click “Show More”
- Click “Legal & Compliance”
- At the bottom, in “Security and Privacy Additional Terms” click “review and accept” under “G Suite/Cloud Identity HIPAA Business Associate Amendment”
- Answer the questions and click “I accept.”
BAA stands for Business Associate Agreement. A BAA is a legal contract between a healthcare provider and a contractor. HIPAA requires that all healthcare providers enter a BAA contract when exchanging protected health information (or PHI) with a contractor. It’s important to understand that to use any type of software to transmit PHI, HIPAA requires that you enter a BAA contract with the contractor of that software.
All online software that is HIPAA-secure requires you to enter a Business Associate Agreement (BAA) with that provider. In the case of G Suite, additional privacy policies will need to be reviewed, amended, and submitted. You will need a Google Cloud Identity with a G Suite account to access the proper policies and the BAA option. Finally, a company profile will need to be completed to enter into the BAA with Google.
Are you ready to start?
We are passionate about #protectlocal businesses and are dedicated to sharing our knowledge with our healthcare heroes that are working so hard during these trying times. We’ve included this free premium content as a token of our appreciation and hope you have found it helpful. If we can help in any way, we would be honored to discuss opportunities to grow your business and protect you and your practice.