Authorization considerations for HIPAA email, data

HIPAA establishes rules for the transmission of patient data, some of which are considered “required” and others that are called “addressable”. The required rules are exactly what they sound like, these rules are mandatory and must be done. “Addressable” provisions are a bit more flexible, but they are not optional, instead the covered entity is allowed to judge how to meet the standard that has been outlined based on what is appropriate and reasonable. More details about the differences between the addressable and required provisions in HIPAA, as well as how to remain compliant, can be found at .