If I use a virtual mailbox for my healthcare business how can I create a HIPAA-compliant account and get a BAA signed?

There are a handful of virtual mailbox services you can select from that offer services for your business to be HIPAA compliant.

On request, each virtual mailbox service will sign a business associate agreement (BAA) with your organization.

Here are a few options and you can reach out to them:

  1. Traveling Mailbox
  2. Earth Class Mail
  3. VirtualPostMail (VPM)

Do you need a BAA? With VPM, a BAA template is available to use if you contact them.

Here are some FAQs about HIPAA:

The entire infrastructure is hosted on Amazon Web Services (AWS). AWS is also HIPAA compliant and will also sign a BAA with you if needed.

All VPM web application communications are encrypted over a secure connection using 256-bit SSL encryption, so they cannot be viewed by a third party. This is the same level of encryption used by banks and financial institutions.

In addition, all physical mail is trashed in secure and locked trash bins. We have mobile shredding companies who shred all mail on-site.

You can see more security measures with VPM here.

VPM virtual mailboxes at all locations are also SOC 2 Type II Certified.

It guarantees the security of your data and the privacy of your clients. SOC 2 is an auditing protocol aimed at verifying that your service providers adeptly handle your data, safeguarding both your organization’s interests and the confidentiality of your clients.

Check out the resources:
DPA
Subprocessors