Dr. H. Nathan Hoffman with an Email Encryption Offer

{Ray Berardinelli} Welcome to the PT Business Builders show where we believe EMRs suck; that systems and software should actually improve your life and your practice; and the only measure of success is systems that give you the time and financial freedom to enjoy your life and do the things you love. 

Today, Nate is coming on with us. He's going to talk about Paubox.

This is something that he and I have discussed at length. And this is what I particularly use for my software, but there are people out there that aren't using my software, but need something like this and don't even know that they need something like this. 

Nate actually approached me a couple days ago and said about trying to help some people through this because as a single person, it's really not something that you can just go out and grab. 

It's very costly to implement it and to make it part of your process. And a lot of people don't even realize why they need it. 

From here, Nate, I'll let you introduce yourself, tell everybody a little bit about you -- what you do and your group. And, and we'll just kind of go from there.

{Nathan Hoffman} My name is Nate Hoffman. I've been a PT for a little over a decade now. 

And I run a Facebook group (there's probably several people in this group room I'm sure that’s part of that as well) but it's called G-Suite for healthcare providers. 

We put on just a bunch of free stuff out there for how to optimize G-Suite for various purposes. 

There's a lot of people who are utilizing it as their EMR because it is HIPAA compliant. And we'll get into this a little bit kind of, there are ways in which it is a way and which it isn't and you have to kind of be able to know and those are some of the topics that we cover in my group. 

I teach people how to utilize various tools (and whatnot) to help automate things such as patient intakes, which can be sent out via Google Forms, and documentation, emails texting -- how do you utilize it to its best, its highest potential to automate and simplify your practice, cheaply through through G-Suite. That's what we focus on in our group. 

{Ray Berardinelli} Great! And I'm a member of the group. I enjoy it also. 

This is something Nate and I were talking about before we even came on here. 

I do an EMR replacement. 

My EMR replacement isn't right for everybody. It's not going to be for everyone. 

Every practice isn't what they need. Every individual it's not what they need. Some people are going to want something totally different. 

They're going to want something like what Nate’s doing which is the G-Suite. And I really recommend his group.

Looking at it, if that's something that you are interested in, if that is you -- I really recommend, G-Suites for Healthcare Providers. That's Nate's site and there's tons of stuff there. 

It's a really great resource -- if that's what you're looking to do. 

So, Nate, this the Paubox, why don't we get into a little bit about the discovery that you've made and I've had the same discovery with the G-Suite and HIPAA compliance and everything. 

Would you mind sharing your experience there?

{Nathan Hoffman} Yeah, absolutely. 

When you sign on and when you look at G-Suite, first of all, it's $6 a month for your classic and it says that it's HIPAA compliant, they'll sign a BA with you and whatnot. 

But when you get kind of into it, and you look around, what you really have to understand is, especially when you're doing things like sending emails or text message or whatnot, you are responsible when it comes to HIPAA, where the information sits in your own platform or in your own G Suite where it sits, how it's transmitted, and then at the end where it ends up. 

That's completely on you. So if you're sending out emails to whoever and then you don't know if at their end it supports encryption, then you're not HIPAA compliant. 

And people think of like, “okay EPHI, I'm sending an email, but I'm not talking about their health history, identifiers including email addresses.” That's personal health information, essentially. 

If you're sending out an email to somebody, and you're just saying, “hey, fill this intake out…” well, it's coming from your email address. 

Let's say somebody takes a look at your email, “Oh, look, this one got someone from Hoffman, health, physical therapy…” They got an email there and they're asking you to fill out an intake.

Automatically that person knows this person's going to physical therapy and they're being sent an intake. It makes sense intuitively when you think about it, it's like, yeah, if someone looks at that email, they're going to know. 

{Ray Berardinelli} Would you mind saying that again, the bit about their email being? 

{Natha Hoffman} An email address is EPHI. Even things like appointment times, EPHI. Like those are identifying things that could be considered they’re HIPAA protected. 

Some people when they think about HIPAA, they only think about the data, the measures that you got. But that's not completely true. 

There's a lot of different identifiers and things like that, that lie under your responsibility to keep out of the hands of the public. 

Even if it's not necessarily associated with health stuff -- it doesn't necessarily have to do that. All these identifiers are saying, okay, this person at this email address is going to this physical therapy place. That is protecting information as well. 

That's why having a platform that has end to end encryption, in my opinion, is the way to go. 

You can do things like sending out consent forms and things like that and have your patient sign them and agree to receive communications via email. The thing that makes it kind of a pain right there is number one, they're going to feel kind of pressured from you, as the provider to sign that kind of stuff. 

Number one, “hey, this is how I want to communicate. Sign this.”

I don't view that as the best way of going about it. You can do it and it covers some bases. But then it also adds an extra administrative burden on you. 

And is this something that I really want to keep track of how many people have signed consents and I can email. And how many people haven't and I can't. 

It's just another step. It's another thing that as a practice manager or as a practice owner, you don't want to have to deal with.

{Ray Berardinelli} Another thing that my HIPAA attorney told me. A person cannot sign away their HIPAA rights. 

They can't sign themselves out of HIPAA law. They can't say, “Oh, well, yeah, it's fine for you to communicate with me like this.” 

Now, HIPAA no longer applies to their personal health information. They can't sign it away. The obligation is still on you, even if they say it is okay to reach me in this format. 

You have to give it your due diligence. Because when I was building my platform, this was something we went into great detail in. 

A signature does not relieve your obligation to protect their health information. 

So even if they sign it, you still are obligated. 

Now with G Suite you said, you're responsible from one end in the transmission and where it rests on the other end. Where is the problem?

{Nathan Hoffman} The problem when it comes to emails where it ends up -- in most most emails support encryption.

And so if you're sending from G Suite they're encrypted at rest in G Suite. You write up your email, you transmitted it. 

En route, it's encrypted, it's great. But then where it lands in the recipient, and the recipient’s email, it may not support encryption. 

And for you, it's hard to know that. It's hard to know if the end user has. So you can't know it. 

The easiest way to do it is to use a third party. And there's a lot of different things out there. 

Another one that's really common is one card, there is Virtru. You'll see a lot of stuff out there for Virtru.

There are a lot of encrypted emails out there. 

And what I found, as I've looked at cost Barracuda that's super expensive, high end stuff. But what I found is number one, they're fairly expensive. 

Virtru isn't too bad. But even though Virtru isn't too bad, what I don't like about it is it's too many clicks. 

You have to sit down and go, okay, yes, I want this encrypted; this is how I want it opened; or when I wanted to disappear. 

It adds that much more of an extra step to what you have to do.

{Ray Berardinelli} We're all busy. I don't want to add anything extra to my day that I have to manage one more thing every day that I've got to manage. I don't want to.

{Nathan Hoffman} Yeah. And so that's where that's where Paubox is really great.

Is because what it does is it just operates in the background, essentially. 

And it almost acts as a filter. It looks at the recipient's email, it says, okay, is it safe to send it there? 

If it's not safe, then it sends the recipient to their platform where the recipient has to enter a passcode and stuff to view the communication. 

And so from your end, from the sender's end, you almost don't know, it's just happening. 

And so that's what I like about it. It doesn't require extra clicks, it's kind of out of sight, out of mind. It takes care of itself. 

Once you've got it set up. You're running it and it's simple. 

Hands down of all the ones that I've looked at and seen it is, as far as I know, the simplest, most user friendly platform out there.

{Ray Berardinelli} Same, same. Like I did a ton of research on this -- granted, mine was a couple of years ago. 

At the time, I found it to be the simplest, the most cost effective method of doing it. 

With Paubox, the nice thing is, my programmers, for example, went in and I wanted to test it. This is me, I'm not very trusting of things, I've got to figure it out for myself, even if they're like, “Oh, this does this.”

I had my programmers hack in to try to get the body of the email. They can't, they couldn't get in, it's all encrypted, and they can see it. It's all encrypted, though. 

So you have no idea what the heck it means, whereas, my regular G Suite, even though mine was HIPAA compliant, they could still hop in and see the body of the email with minimal hacking to get into there. 

This makes it next to impossible. 

And the other thing that I love about Paubox is, if it's not supported, then there's a link that they go through to get it. 

Once they go through the link one time then it's good. It's just a click through day to get to it. 

It's really good. And another thing that you can do is on the first time through, you can walk the person through that. 

In my practice, I would ask them, “Hey, did you get my email?” If they say, “Yes, I got your email…” then great! 

If they had problems -- “Oh, let me help you.” Then I walk through, “okay, you're going to set up a password here. You're going to do this, you'll do this one time, and it's done.”

I walk them through it. So then the communication between me and them is seamless, which is the ultimate goal.

{Nathan Hoffman} I mean, fantastic. 

When you take all that stuff into consideration, you take in, like the decreased amount of administrative work on your side, the simplicity of the platform, not having to click through everything, and patient satisfaction. 

It's fairly simple from their end as well. And just especially for individuals and what we're seeing in our industry, so many people jumping away from large industry and saying, “I'm going to do my own little thing”, “I'm gonna have my solo practice. Maybe I'm gonna grow a little bit here and there, have a few other people under me.”

People want that personal touch. And that's what these small practitioners and that's what most people in your group and in a lot of these groups (we see on Facebook) these small groups -- email makes a lot of sense. 

That's why I find that something like this is necessary so that you don't have to number one you’re completely compliant. And number two, you don't have to deal with all those other issues that we've talked about. 

Paubox, hands down, is the best. One of those things I really strongly endorse.

{Ray Berardinelli}  Same, same. I really strongly endorse that I embedded it in my software. I really strongly believe in it.

{Nathan Hoffman} Did you use the API for yours?

{Ray Berardinelli} Yeah. Everythings all built in. Everything's automatic. 

They don't have to do anything. It's just in. 

So, you have a unique offer that you're going to do. Because the problem for individuals, which we discussed earlier, is Paubox is kind of kind of expensive.

If you're just going to hop in yourself and just grab it like it's a little more expensive to use and operate as a single provider or a small practice.

If you're a large practice it isn't as big a deal. You absorb that cost, you don't even notice it's there. You don't even notice the cost is there for it.

(Guys, if any of you are using something like this, please just comment down below. Let us know what specifically you're using to encrypt your emails.)

You kind of did something unique. You kind of went out, thought outside the box and kind of did something.

(Nathan Hoffman} Yeah. So I got a hold of  Paubox and I said “Hey, what can I do so that we can get into it?” 

Because the way that they do is they only sell in bundles of three. You have to buy three licenses in order to even purchase Paubox. 

It's not an incredible cost, it's $30 a month, but ultimately for small practices that adds up over a year's time. 

And I wanted, especially we're talking about a lot of people are going off solo with small practice, I want to reduce costs as much as possible. 

So what I did was I reached out to them, and then they'll say, “Hey, Nate, we will sell you a bunch of licenses. If you want to turn around and sell them back.”

And so that's what I'm doing. Because I want to be able to offer these like one on one. Just single use licenses for individuals. 

And so that's what I did. We need to get about at least 20 of those sold. So that it makes financial sense for me to jump on this. 

And truth be known, I'm not making an incredible amount of money on this. 

This is mostly for members of my group, who are really interested but just don't want that price point. And so I'm just doing this more or less as a favor. 

But I wanted to jump on here and offer that to everyone.

And what we'll do, and I talked to Ray about this, is we can put in a link to a Google form where if you have interest in this, it’s going to be $12 a month for single use -- that is going to be the price point. 

Typically, like I said, it's $30 is your minimum purchase. This is great, that is 60-70% discount is what we're doing. 

So we're going to do it for $12 a month. And I can give you the link to the Google forum, people can sign in below and say, “Yeah, I want to go ahead and jump on this.” And then we'll go ahead and get everything set up. 

It’ll take a few steps, it will take a little while because I have to put in all the purchasing and everything taken care of probably sometime next week when we get it going. 

But that's the game plan. I'll be essentially administering all the payments and everything like that just so that we can get this in the hands of people.

{Ray Berardinelli} That's pretty awesome. So just for the people that have just hopped on like a little recap just the Paubox is necessary. 

What it is used for, how it protects you and your offer to cut their costs on  Paubox for a single use person by almost been to almost a third.

{Nathan Hoffman} Yep. Yep, you got it. Almost probably like 65% off. 

{Ray Berardinelli} Okay. It's necessary because in your inbox you're sending in G Suite, you're fine. 

The problem is when it lands in the other person's inbox. You are responsible for the data being encrypted in their inbox if you send them emails and you share EPHI, electronic personal health information. 

So if you share that, you're responsible for being encrypted in their inbox.

Paubox allows you to do that. It allows you to communicate pretty much anything that you would like, within email and have it covered in their inbox. 

Typically pretty costly. It's a minimum of $30 a month. And Nate has a great offer. 

If you get a hold of him, you can get it for and I'll include the link below in the comments. 

You can get it through him for $12 a month. If you're a solopreneur, and you're doing this or you're just starting out, maybe you only have two people, you don't want to buck up and pay that 30 bucks, then you can really get this for a reduced price, and it will help you stay HIPAA compliant going forward.

{Nathan Hoffman} Yeah, absolutely.

{Ray Berardinelli} So anything else you would like to share?

{Nathan Hoffman} That's basically it, but it's been good talking to you. 

I even learn something. We talked through all this stuff on our sites. 

Well some of these issues surrounding HIPAA compliance and G Suite. And there's so many things that are HIPAA compliant, some things that aren't. 

But anyway, people interested in that you're welcome to come check it out as well and just kind of see how G Suite can be optimized. 

And the truth is, even if you're using other platforms for your documentation and are totally awesome, totally fine. 

G Suites’ not for everyone. 

There are some really cool tips and tricks that we share in there like how to do little snippets that auto populate all sorts of documentation verbiage. 

And maybe if maybe if you want to do intakes online, and you want to use Google Forms for that, little tips and tricks that helped to simplify certain business aspects. 

Even if you're not using it as a complete practice management tool, there's lots of cool things in there that you can utilize that simplify your life.

{Ray Berardinelli} Yeah. One of the things that he's talking about the snippet thing is you have a hotkey. 

So you have a key assigned on your keyboard that you select. If you have a particular statement that you want to add, you just select that key and it puts the statement in its full form right in there for you automatically. 

So you don't have to type the same thing over and over and over again, that's specifically what he's talking about. 

The group is awesome. I've included the thing below. It's trailing that right now, that G-Suite for Healthcare Providers. 

If you would like to get more on that, make sure you join the group. There is so much in there. And like I said, it's not just the G Suite thing, there's more in there, there's little tips, little tricks in there. 

It is a great group, I really highly recommend you doing that. 

And I will again, I'll include the link below. 

If you're someone who's in here that's interested in the Paubox, maybe you're a small practice, and you want to implement something and you don't want to incur the large cost of doing it. This is a great option. 

Nate, thank you, man for being here. I really appreciate it.

Thank everyone. 

I want to thank everyone for coming and checking out the PT Business Builders group and show -- where we believe EMRs suck.

That systems and software should actually improve your practice and your life -- not consume it. 

And here the only measure of success are systems that give you the time to enjoy your life and the financial freedom to enjoy that. 

Thank you guys for stopping in.

Nate, thanks for sharing with the group. Thank you for doing this.

I'm sure it's gonna help a lot of people. 

{Nathan Hoffman} You got it.

You take care. You have a good one.

Sign up below to get regular tips from Ray on How To Grow Your PT Business
PLUS get access to our SECRET TOOL
that will grow your business with the help of NPS

Leave a Reply

Your email address will not be published. Required fields are marked *