Below you will find a list of Encryption Policies based on HIPAA templates included in your Policy-based Encryption package.

This list includes pre-built policies to track common protected health information (PHI) such as procedure codes, drug codes, diagnosis codes, and other data frequently used by companies operating in the health care industry.

Important: by default, policies are NOT enabled in the Encrypted Mail Gateway console. Login to the Encrypted Mail Gateway > click on a red button to enable policy as shown on the picture.

HIPAA Templates

List of included HIPAA policy templates with a description

  • Bypass encryption of o365 notifications
    Bypass encryption of system notifications from O365.
  • System notification bypass
    Prevents system generated notifications from triggering encryption polices.
  • Bypass triggers
    Checks the message for encryption bypass keywords listed in Bypass Triggers keywords & dictionaries list.
  • Manual encryption triggers
    Example word list used to manually trigger encryption by end users.
  • Social Security Number Policy
    SSN policy scans for US Social Security numbers within the subject and body of the outgoing message. Here is the format of the regular expression used:
    ([0-6]\d{2}|7[0-6]\d|77[0-2])([ -]?)(\d{2})\2(\d{4})
  • PHI Indicators for HIPAA Policy
    List of keywords that indicate an email may contain Patient Health Information (PHI).
  • NPI Policy HIPAA
    A ten digit number that every health care provider who bills for services or has their services billed for typically obtains. The National Provider Identifier enumerates both individual health care providers as well as provider organizations.
  • Inpatient FFS Revenue Codes Policy
    A numeric billing code used by health care providers to describe the type of service that has been rendered.
  • ICD 10 Codes Policy
    International Statistical Classification of Diseases and Related Health Problems (ICD-10) 10th revision.
  • ICD 9 Codes Policy
    International Statistical Classification of Diseases and Related Health Problems (ICD-10) 9th revision.
  • CPT Cat 1 or 2 or 3 Code Policy
    Current Procedural Terminology Category are the common service codes that define medical, surgical, pathology, radiology and anesthesia services.
  • HCPCS Codes Policy
    Healthcare Common Procedure Coding System (HCPCS, often pronounced by its acronym as "hick picks") is a set of health care procedure codes based on the American Medical Association's Current Procedural Terminology (CPT). Once activated, any outbound messages that contain HCPCS codes in the subject or body of the message will be encrypted.
  • FDA NDC Codes Policy
    Food and Drug Administration National Drug Codes (NDC) is a unique product identifier used in the United States for drugs intended for human use. The Drug Listing Act of 1972 requires registered drug establishments to provide the Food and Drug Administration (FDA) with a current list of all drugs manufactured, prepared, propagated, compounded, or processed by it for commercial distribution. Drug products are identified and reported using the NDC. FDA NDC codes have 10 digits.
  • CMS NDC Codes Policy
    Center for Medicare and Medicaid Services National Drug Codes define medications and pharmaceuticals prescribed and ordered in the US. CMS NDC codes should have 11 digits straight.
  • CARC Codes and Descriptions Policy
    Claim Adjustment Reason Codes are used by a health insurer to describe the payment for each line item on a claim submitted by a health care provider. Codes describe payments, denials, payment adjustments, suspensions or pending payment.
  • RARC Codes and Descriptions
    Remittance Advice Remark Codes (RARCs) are used to provide additional explanation for an adjustment already described by a Claim Adjustment Reason Code (CARC) or to convey information about remittance processing.
  • Date of Birth Policy
    Date of Birth in numeric and text formats.