HIPAA Compliant G Suite 2017-07-02T13:42:00+00:00

The easiest way to make G Suite HIPAA Compliant

HIPAA-Compliant G Suite

Thinking about Google’s G Suite for your medical company?  That’s smart.  It’s affordable, stable, and easy to use.  

Google even signs a HIPAA Business Associate Agreement (BAA) so you can store and handle PHI. 

Big HIPAA and Cyber Security Mistakes

Here’s something you might not know.  G Suite is NOT HIPAA-compliant out of the box.

G Suite HIPAA PhishingEvery week, we meet tons of companies who set up their G Suite all wrong. They’re putting patient PHI at risk. Heck, they’re putting their whole business at risk.

Here are the four most common mistakes we see:

  • The BAA isn’t enough. They think they’re “all set” as soon as they sign the HIPAA BAA with Google. Not even close…
  • 19-pages of technical settings. They don’t realize that Google has a 19-page technical manual of things they need to do to make G Suite compliant with HIPAA.
  • You can’t email PHI. They email PHI to patients and other third parties without secure email – a big HIPAA no-no!
  • They think they’re safe from viruses and hackers. They assume Google keeps them safe against viruses, hackers, and ransomware. G Suite is only a small piece of this!

And you know what? It’s not their fault. These are healthcare providers. They need to focus on patient care. They’re not trained to be IT, cyber security, and HIPAA experts.

The stakes are way too high

You’ve worked too hard to build a business and a reputation. Why risk it all over something silly like setting up your email the wrong way?

Here’s what has happened to other companies who have messed this up:

1) They were fined.  A LOT.

hipaa-compliant-gsuite-6-hipaa-fines

Fines as high as millions of dollars

3) They had to tell patients and the media.

hipaa-breach-notification-hipaa-compliant-gsuite

It’s embarrassing

2) They’re on the HIPAA Wall of Shame.

hipaa-compliant-gsuite-hipaa-wall-shame-

From the HHS website

4) Some of them lost it all.

hipaa-compliant-g-suite-lost-it-all

Your bank accounts can be drained during a hack

But if you get it right, it’s worth it…  

Save Time and Money

G Suite HIPAA Google driveCompanies who move to G Suite end up saving a lot of time and money.

  • Securely email PHI. Stop messing around with faxes and paper. Email PHI to co-workers. Email PHI to outside parties (patients, insurance, etc.) with our secure email add-ons.
  • Paperless PHI. You have a safe, secure, easy way to convert files to digital documents. You can even scan in files with a scanner or your smartphone.
  • Access PHI from anywhere. Need to share files across multiple people? Or across multiple offices? Maybe you have staff on the road? Your staff can safely and securely access PHI from their computers, laptops, and even smartphones.
  • Stop wrestling with email in EMR systems.While many EMR systems support email, let’s face it — it’s clunky at best. Google’s Gmail is a system that most people already know how to use. And you can pick your EMR based on charting and billing features, not email.
  • Stop messing around with servers. If you still have a server in your company for email and file sharing, you’re paying too much. G Suite is cheaper, easier, and you don’t have to keep worrying Stop paying for new servers and stop worrying about updates and patches.
  • Use video conferencing. Google’s chat and video conferencing service Meet is covered by the HIPAA BAA.
  • Be more professional. Some patients get nervous when they get emails from [email protected] or [email protected] With G Suite, your practice will have professional email addresses under your company name (Send and receive emails at [email protected]).

You’re safer in the cloud.  Seriously.

hipaa-compliant-g-suite-security-certificationsGoogle’s cloud is way, way safer than anything a small business could do on their own.

They’ve invested hundreds of millions of dollars in building systems that are safe against hackers, physical attack, and even natural disasters.

You don’t need to take our word for it. Google has built a whole website that shows exactly how safe they are. Not only are they safe enough for HIPAA, they comply with the toughest federal and financial security regulations in the world. They even hire independent third party auditors to come in and regularly review their security policies and practices.

Huge companies, including lots of healthcare companies, trust Google to protect their sensitive data.

Of course, it’s only as good as you are. Google won’t protect you if you don’t set it up the right way. Or if you email something you shouldn’t. Or if you click on a link you shouldn’t.

That’s where we come in.

Why Adelia

You could certainly buy G Suite directly from Google.  By doing so, though, you’d be responsible for making sure that your G Suite system is set up correctly.  You’d need to spend your time and energy becoming an expert on cyber security, HIPAA compliance, and the technical operating of G Suite.

We also give you extra features that you need to make your business safe and HIPAA-compliant.  Your email will be safer, your staff will be well-trained, and you can safely send PHI via email.

Here’s what you get by working with Adelia:

G Suite Default Configuration

HIPAA Compliant G Suite (Adelia)

HIPAA BAA – HIPAA Business Associate Agreement (BAA) between your practice and Google.
HIPAA-compliant Gmail and Calendar – Send and receive email and calendar invitations from your own email @yourcompany.com
Store PHI in documents, spreadsheets, and presentations – Create, edit, and collaborate on documents, spreadsheets, and presentations.  Use them for PHI and safely back-up to the cloud.
Video conferencing, online forms, and digital notetaking – use Google Keep, Google Meet, and Google Forms to handle PHI.
Secure Email – Send and receive PHI via email. Securely send to other practitioners, insurance companies, and patients.
Dual-layer phishing protection – Every email is scanned for phishing attacks by two of the best scanners on the market.
Two-layer malware and ransomware protection – Every email sent to you is auto-scanned for malware and ransomware using two of the best scanners available.
Click links in emails without worrying – Every link and attachment is scanned in real-time for risky and unknown phishing and malware. Bad links are blocked in real time.
Daily quarantine digest – Your users will get a daily summary of any blocked or bad email. They can help train the system and stay informed about the latest threats.
Secure Google Drive Configuration – we’ll configure Google Drive so you don’t accidentally share ePHI with outsiders. You’ll get notified if someone accidentally shares ePHI with outsiders.
HIPAA Compliant G Suite – we’ll configure G Suite so you have strong passwords, two factor authentication, and alerts sent when anything bad or unusual happens.
HIPAA Compliant Computer Review – expert review of your computer settings and programs to make sure you’re safe, secure, and HIPAA compliant.
Online Cyber Security Training – short, fun videos to teach your users about good cyber security.
Save you time – you need to spend your time focused on your business, not learning G Suite, HIPAA, and cyber security.

Why Adelia

You could certainly buy G Suite directly from Google.  By doing so, though, you’d be responsible for making sure that your G Suite system is set up correctly.  You’d need to spend your time and energy becoming an expert on cyber security, HIPAA compliance, and the technical operating of G Suite.

We also give you extra features that you need to make your business safe and HIPAA-compliant.  Your email will be safer, your staff will be well-trained, and you can safely send PHI via email.

Whether you buy from Adelia or straight from Google, you’ll get:

  • HIPAA BAA – HIPAA Business Associate Agreement (BAA) between your practice and Google.
  • HIPAA-compliant Gmail and Calendar – Send and receive email and calendar invitations from your own email @yourcompany.com
  • Store PHI in documents, spreadsheets, and presentations – Create, edit, and collaborate on documents, spreadsheets, and presentations.  Use them for PHI and safely back-up to the cloud.
  • Video conferencing, online forms, and digital notetaking – use Google Keep, Google Meet, and Google Forms to handle PHI.

By working with Adelia, you get everything you need to be safe, secure, and HIPAA-compliant:

  • Secure Email – Send and receive PHI via email. Securely send to other practitioners, insurance companies, and patients.
  • Dual-layer phishing protection – Every email is scanned for phishing attacks by two of the best scanners on the market.
  • Two-layer malware and ransomware protection – Every email sent to you is auto-scanned for malware and ransomware using two of the best scanners available.
  • Click links in emails without worrying – Every link and attachment is scanned in real-time for risky and unknown phishing and malware. Bad links are blocked in real time.
  • Daily quarantine digest – Your users will get a daily summary of any blocked or bad email. They can help train the system and stay informed about the latest threats.
  • Secure Google Drive Configuration – we’ll configure Google Drive so you don’t accidentally share ePHI with outsiders. You’ll get notified if someone accidentally shares ePHI with outsiders.
  • HIPAA Compliant G Suite – we’ll configure G Suite so you have strong passwords, two factor authentication, and alerts sent when anything bad or unusual happens.
  • HIPAA Compliant Computer Review – expert review of your computer settings and programs to make sure you’re safe, secure, and HIPAA compliant.
  • Online Cyber Security Training – short, fun videos to teach your users about good cyber security.
  • Save you time – you need to spend your time focused on your business, not learning G Suite, HIPAA, and cyber security.

Pricing

HIPAA Compliant G Suite for

$49 / user / month

One Time Setup Fee: $99

Cancel Anytime Guarantee

You are fully protected by our Cancel Anytime Guarantee. If you don’t like Adelia Risk’s HIPAA Compliant G Suite service, cancel any time with 30 days notice.  No questions asked.

Already Have G Suite?

Not a problem!  We work with many customers who already purchased G Suite.  We make sure they’re set up the right way.  Our extra HIPAA and security services can be added at any time.

Adelia Risk – As Featured In

IT Security Consulting Healthcare IT News

IT Security Consulting Dark Reading

Frequently Asked Questions (FAQ)

Can’t I get this cheaper if I buy directly from Google?

You can get plain, unconfigured G Suite from Google for less money.  But then you will need to do the work to figure out how to configure it to comply with Google’s HIPAA implementation manual.  You will need to find a separate secure email provider, a system to scan your emails for phishing attacks and viruses, and a system to train your users on good security.

Is there a sign-up fee?

Yes.  We charge $99 to set up the service initially.  This is a one-time fee.  It covers the time spent in configuring your G Suite, DNS records, and our security services to protect your business.

How does the setup process work?

  1. 30-Minute Kick-off Meeting
  2. Sign HIPAA BAA
  3. Adelia sets up your security services and updates your G Suite Settings Update (typically 2-4 days)
  4. 60-Minute Training and HIPAA Computer Review

I use more than one computer. Is there an extra cost?

No, there is no extra cost per computer.  We charge by the user.  If desired, though, you can have us to cyber security reviews on multiple computers at additional cost.

Does this plan include the cost of G Suite?

Yes.  If you already subscribe to G Suite, you can take $5 off the price of the service.

Do I have to sign a long term contract?

Discounts you say? How do I get these discounts?

We offer discounts for customers who pay for their service up front at the following rates:
  • 5% discount for payment 12 months in advance
  • 10% discount for payment 24 months in advance
  • 15% discount for payment 36 months in advance

What types of payments do you accept?

For monthly plans, we accept Visa, Mastercard, and American Express. At this time, we are unable to accept a PO, invoice you, or take an order over the phone for monthly plans.

For longer term plans (12, 24, or 36 months), we are able to send you an invoice on net 30 terms.