Thursday 15 February 2018

Is PostageApp HIPAA Compliant?

Is PostageApp HIPAA Compliant? - Paubox

We’ve been getting asked by customers and prospects about PostageApp and their ability to use it in a HIPAA compliant manner.

We know the HIPAA industry is vast so we can empathize with just how many people need to use cloud-based services in this sector.

In previous posts, we’ve covered the following cloud solutions and their capabilities for HIPAA compliance:

Today, we will determine if PostageApp offers HIPAA compliant email service or not.

SEE ALSO: HIPAA Breaches and Cloud Providers

About PostageApp

PostageApp is an email management tool that sits between an app and the SMTP server. It was originally utilized internally by The Working Group (TWG) for client projects. It essentially is a competitor to SendGrid.

PostageApp and the Business Associate Agreement

We’ve previously talked about how a Business Associate Agreement (BAA) is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance.

We checked PostageApp’s site and could not find any mention of their ability to sign a BAA. We also did not find any mention of HIPAA or PHI (Protected Health Information).

At the bottom of the PostageApp Terms and Conditions of Use page, we do see they listed a contact address in Toronto, Canada.

Not being headquartered in the U.S., we can see why they do not make any mention of HIPAA on their site.

Does PostageApp Offer HIPAA Compliant Email Service?

The Business Associate Agreement is a key component to HIPAA compliance between a Covered Entity and a Business Associate.

Since we could not find any mention of HIPAA, Business Associate Agreement, or PHI, we conclude PostageApp is certainly not in the business of providing HIPAA compliant email.

Conclusion

PostageApp is not a HIPAA Compliant email solution.

No comments:

Post a Comment