Back to GuidesGuides & Opinions

HIPAA Compliance Legal Abstract: Email Encryption


Abstract of Legal Analysis on RMail, RSign, and HIPAA requirements for privacy and proof of delivery compliance.

This is an abstract from the legal analysis prepared by Jon Neiditz and Amanda Witt of Nelson Mullins Riley & Scarborough LLP after their review of RPost services RMail email security and RSign e-signatures and their key features, with regards to meeting requirements under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA). This abstract of the legal opinion provides a summary of legal principles related to e-signature law, e-security and privacy, and how RPost offers a legally effective, HIPAA compliant solution. It concludes RPost’s Registered Receipt™ email records and e-signatures are HIPAA compliant, legally enforceable and binding. Based on their analysis, the attorneys presented the following conclusions:
(1) An RPost (RMail or RSign) electronic signature can be used when a signature is required by a document governed by HIPAA and is as legally enforceable and legally effective as a ‘wet ink’ signature.
(2) RPost can be used to deliver documents electronically in conformity with the technical safeguard standards of HIPAA relating to the security of electronic communications of electronic PHI.
(3) Where notification is required by HIPAA and in the great majority of U.S. Jurisdictions in which UETA applies, RPost’s core Registered Email™ service does provide the sender with legally valid evidence that notice has been accomplished under HIPAA, as long as RPost’s resulting Registered Receipt™ email reports at least successful delivery to the recipient’s mail server.