Blog
-
Reactive HIPAA Compliance: What Could Go Wrong?
As a HIPAA compliance professional, it can seem like you’re running from one disaster to the next. You’re so busy putting out “fires” all day…
-
Does HIPAA Require Encryption?
In 2012-2013, the University of Texas MD Anderson Cancer Center had three data breaches involving unencrypted devices. An unencrypted laptop had been stolen from an…
-
How to Secure Your Workstations
A vital step to protect patient information is to secure the tools you use to access, store, and transmit that information. Workstations are a major…
-
HIPAA Tip: Password Security
An employee complains about having to change their password yet again. After minutes spent crafting the new password, they jot it down on a sticky…
-
Can I Text or Email Patient Information?
Updated May 20, 2019 Sending texts and emails is a part of everyday life. Most organizations use one or both to communicate inside the organization…
-
How to Safely Manage Your Mobile Media
Mobile devices are commonplace in modern offices. As a covered entity (CE) or a business associate (BA), you will undoubtedly have mobile devices and media…
-
When Can I Disclose PHI?
Every day, you share patients’ protected health information (PHI) to carry out tasks at work. However, is it okay to share PHI without the patient’s…
-
How to Secure Your Personal Devices
Healthcare organizations of all sizes allow employees to use their personal devices, such as smartphones, to access protected health information (PHI). This is often called…
-
Cybersecurity Awareness: Multi-Factor Authentication
As a HIPAA-covered organization or business associate, you should set basic safeguards around your electronic protected health information (ePHI) so that it stays private and…
-
Cybersecurity Awareness: Patch Management
It’s National Cybersecurity Awareness Month (NCSAM), which means it’s time to go back to the basics of HIPAA privacy and security. The last post gave…
