Ransomware has exploded in popularity during the past two years, with the number of identified families growing 400 percent since 2015. It affects individuals, nonprofits and enterprises alike, but it’s is particularly fond of the healthcare industry because of the value of patient data and the criticality of hospitals. To help the healthcare IT industry (and others) learn more about ransomware, I’ve compiled a list of the most informational articles on the web to date. Health and Human Services Department …

Encryption has been widely talked about as one of the best tools to protect you against potential attacks on your data. For many companies processing credit card payments, encrypting data is required for compliance with standards such as PCI DSS and individual state laws. But if you’re in the healthcare industry, it’s even more important because it’s not required for hipaa compliance. What is encryption? It takes your data and codes it using a series of mathematical formulas to render …

There are many aspects of complying with HIPAA regulations, and all are equally important to avoid facing the stiff penalties that come as a result of any violations. In addition to technical and physical safeguards for your PHI, the administrative safeguards of the HIPAA Security Rule require a contingency plan. This is comprised of a data backup plan, disaster recovery plan, emergency mode operation plan, testing and revision procedures as well as application and data criticality analysis. We’ll discuss how …

To address the question of whether or not to use data encryption when it comes to meeting HIPAA compliance and keeping patient health information (PHI) protected, let’s revisit the Health Insurance Portability and Accountability Act of 1996 (HIPAA): A covered entity must, in accordance with §164.306… Implement a mechanism to encrypt and decrypt electronic protected health information.” (45 CFR § 164.312(a)(2)(iv)) If you choose not to encrypt data, the HIPAA Security Rule states you must implement an equivalent solution to meet …

Safeguarding Patient Data in EHRs

Posted on November 26, 2015 by

A recent blog by the HIPAA, HITECH & HIT legal blog of Fox Rothschild revealed a survey administered by the Office of Inspector General (OIG) of the U.S. Dept. of Health & Human Services (HHS). The EHR (electronic health record) technology questionnaire is part of a study on fraud and abuse safeguards in EHRs. The questionnaire may serve as insight for hospitals attempting to establish safeguards with their digital systems to protect electronic protected health information (ePHI) and prevent a …

When you create a list of who you’re thankful for, your auditor may not jump to the top of your list. After all, isn’t that who asks for all those mountains of documents and relentlessly asks those probing questions? Let’s face it: the relationship between a business and an auditor can be a contentious one. The high price of reports, resources spent compiling the information and remediating any issues can be more than enough to give any CXO heartburn and …

NOTE: As discussed here previously, Online Tech was part of a panel webinar presentation of “5 Key Tools to Help Your Organization Achieve HIPAA Compliance,” inspired by a BlogHipaa.com post that cited tips from representatives of organizations specializing in each of those five areas. The following infographic, created by the Compliancy Group, is compiled from information compiled during that Oct. 21 webinar.

Want to learn more about five tools that can help protect patient data? Online Tech Director of Healthcare IT April Sage will be part of a panel presenting “5 Key Tools to Help Your Organization Achieve HIPAA Compliance” via webinar on Tuesday, Oct. 21. The 90 minute webinar begins at 2 p.m. ET. (Register here.) BlogHipaa.com presented the five tools in a recent post, citing tips from representatives of organizations in each area. Now those industry experts will co-present a …

5 tools to protect patient data

Posted on October 3, 2014 by

As HIPAA regulations increase and cybersecurity threats advance, the healthcare industry’s effort to protect patient data gets more complex. Online Tech recently contributed to a story posted on BlogHIPAA.com that covers five tools to help protect patient information and ease the compliance burden: Email encryption Mobile phone BYOD protection HIPAA-compliant storage HIPAA-compliant hosting Compliance tracking solution BlogHIPAA spoke with representatives from industry-leading organizations in each of these areas, each of them focused on compliance. They each provided insight into why …

There’s a new leader on the U.S. Department of Health & Human Services’ Wall of Shame. A hacking group known as “APT 18” is suspected of stealing names, Social Security numbers, addresses, birthdays and telephone numbers from 4.5 million patients of Community Health Systems, a network of 206 hospitals across 29 states (see map at right). Credit card numbers and medical records were not accessed. It’s the largest attack involving patient information since the HHS started tracking HIPAA breaches in …

Get started now. Exceptional service awaits.

Live Chat