Because of its complexity and technicality, there’s never a shortage of questions about HIPAA. That’s why we started this blog: to answer the most confusing parts of HIPAA, and to offer educational assistance on how to get compliant.
The following is a compilation of the most sought-after and consumed HIPAA content on the SecurityMetrics blog.
Unsecured remote access is a big vulnerability in the healthcare industry. With remote access applications and programs, it’s so easy to gain access to patient data from outside the office. The problem is, if you don’t utilize remote access securely, it’s the #1 vulnerability hackers exploit to compromise organizations.
Many mistakenly believe Meaningful Use covers their HIPAA requirements, or vice versa. Unfortunately, these are two different standards, with two different purposes. Luckily, there may be some overlap for those hoping to minimize workload.
Higher management often regulates HIPAA budgets. Restricted budgets limit the resources available to help you secure your organization. This post was designed to help you prove why HIPAA budgets should be increased by explaining how much it actually costs to achieve compliance.
Even though they are the simplest building block of personal and business security, passwords continue to be a problem in healthcare. This post explains strategies for HIPAA compliant passwords. For more password information, check out this other blog post on HIPAA passwords.
Wireless security is crucial to your overall security strategy, especially since that’s the way most of your protected health information is transmitted. The problem is, some practices and even hospitals do not segment their guest wireless network from their work wireless network.
See also: SecurityMetrics HIPAA Guide
Securely transmitting patient data over email is a challenge for healthcare. Consequently, email encryption is also the #1 question asked of SecurityMetrics auditors. What is the correct way to securely send PHI to patients? Other doctors? Insurance companies?
What are you supposed to do with physical documents containing patient health information? Though it seems like a no-brainer, secure document destruction is a serious issue that has caused serious financial headaches for some major healthcare organizations.
Risk management plans are a way to prove that you know about, and are fixing, risks to your patient data. But what exactly do these plans entail? And what are an organization’s options when implementing these plans?
It’s no secret that HIPAA is overwhelming for most healthcare organizations. Well, how are you supposed to eat an elephant? One bite at a time. This blog post provides a detailed 21-day plan for smaller practices, including daily HIPAA tips that anyone can fit in a busy schedule.
Our auditors compiled a HIPAA violations quiz that you can easily take during a quick tour around your office. Even well-established practices employing a security-conscious staff find problems similar to the ones outlined in this quiz.