Between Aetna’s recent news story on disclosing confidential healthcare information, Affordable Care Act changes, and Medicaid updates – businesses (and patients) are learning how critical compliant mailing has become. It begs the questions: what are USPS secure mailing compliance regulations and how are businesses being held accountable to protect the rights of recipients?
To start, the USPS has a long list of secure mailing and shipping regulations. What this really means is companies need to heavily rely on their print and mailing provider to keep up-to-date with compliance and security in their facility.
Though it may not be the “sexiest” side of print and fulfillment, security is Fineline’s top priority and niche service as a print and fulfillment provider. As a commercial printer focused on managing the entire print process for regulated enterprise organizations, we know a thing or two about making sure companies don’t face mailing violations (and a PR nightmare). As part of these USPS secure mailing updates printers need to stay ahead of postal regulations. Recently updated, the USPS just migrated to a newer more secure system of sending: Secure Hash Algorithm system named “SHA‐1” to a “SHA‐256” system.
What is it?
Secure Hash Algorithm protects confidential file information. Hash algorithms quickly detect duplicated content and communications encryption process. Restricting the public and 3rd parties from accessing confidential information in a file transfer.
SHA‐1 vs. SHA‐256 – what’s changing?
This change over has been a big effort on behalf of the USPS secure mailing process. Beginning in December 2016, the USPS announced to all licensed developers that they would be migrating from SHA‐1 to SHA‐256 USPS new encryption system.
While most businesses that take part in compliant mailings won’t see a direct change in programs, it’s essential that your mailing provider stay certified and licensed appropriately within USPS standards. Mainly the SHA change means data is more secure now when addresses are sent back and forth for address checking.
The following software, products, or services used by the mailing industry are affected by this change:
- CASS™ and MASS™ Certified software or services (includes DPV®, LACSLink®, and SuiteLink®) to validate, update, and standardize addresses
- NCOALink® files used for Move Update processing
- DSF2® for sorting addresses in delivery order and to identify vacancies
- RDI™ to identify Residential addresses
These are essentially services and technology used for address quality, and to move updated information that is required by the USPS to mail at presort mail rates. Fineline’s software was updated to the new SHA-256 encryption in June, 2017.
Why USPS Secure Mailing Matters?
On any given day, Fineline sends out 40,000 pieces of USPS secure mailing communications. Much of which are HIPAA compliant or confidential in some way. Internally we use a 6-step process to manage secured enterprise print programs from beginning to end.If you’re mailing compliant information (PI, PHI, ePHI), make sure you ask the right questions of your provider.
- Are your address hygiene programs updated to SHA-256 to ensure mailing compliance?
- Are you HIPAA compliant?
- Do you have Secure File Transfer Methods for data transmission?
- How do you ensure confidential data is protected throughout your production process?
- Are you mailing and fulfillment staff HIPAA & Privacy certified?
- Does your equipment include camera matching technology for 100% data matches?
For additional USPS Secure Mailing and Postal Bulletin information, see resources below:
Postal Bulletin 22471 (7-6-17) https://about.usps.com/postal-bulletin/2017/pb22471/pb22471.pdf
- DMM Revision: Retail First-Class Mail Postage Payment Methods
- DMM Revision: Domestic and International Permit Imprint Application Fees
- ELM Revision: Reinstatement List Updates
- IMM Revision: International and Domestic Permit Imprint Application Fees
Postal Bulletin 22472 (7-20-17) https://about.usps.com/postal-bulletin/2017/pb22472/pb22472.pdf
- ASM Revision: Categories of International Mail Sealed Against Postal Inspection
- Pull-Out: Freely Associated States Restrictions
- FRN: Federal Register Notice
- PB: Postal Bulletin
- PE: Postal Explorer is a mailer’s resource for all information contained in the Domestic Mail Manual (DMM), International Mail Manual (IMM), Publication 52, Hazardous, Restricted, and Perishable Mail.
- PostalPro: PostalPro is a mailer’s resource for other information (i.e., Mailing and Shipping, Operations, Industry Forum, Certifications, Resources). This site will replace RIBBS.