Medical Economics August 22, 2025
Austin Littrell, Keith A. Reynolds

Nearly all small health care organizations believe they’re HIPAA compliant, but most face major cybersecurity risks and possible penalties, a Paubox study warns.

Small medical practices, which make up more than 90% of U.S. health care providers, overwhelmingly believe their email systems are HIPAA compliant, but a new report from email security firm Paubox finds that nearly all of them are mistaken.

The study, based on a survey of 214 IT leaders and practice managers from organizations with fewer than 250 employees, revealed that 98% of small practices think their platforms automatically encrypt emails. In reality, common tools like Microsoft 365 and Google Workspace often fail to provide the protections required by federal law.

The gap arises because encryption may...

Topics: Govt Agencies, HIPAA, Physician, Provider, Survey / Study, Trends