HIPAA Security

HIPAA Security Policies

By Art Gross – In healthcare, it is crucial to ensure the security and privacy of electronic health records and all patient data with security policies. HIPAA provides guidelines for healthcare organizations and covered entities to follow in order to maintain the confidentiality, integrity, and availability of patient health information PHI, or ePHI.

Read More

HIPAA Security Officer

By Art Gross – Recently we went over the role of the HIPAA Privacy Officer and what responsibilities that individual would oversee, as well as what qualifications an ideal candidate would bring to the position. Additionally, HIPAA Regulations require that you formally identify a Security Officer in addition to a Privacy Officer, but they can be the same person.



Are Biometrics the Future of HIPAA Security?

By Kayla Matthews – Medical electronic health records, or EHRs for short, may have the potential to be much more secure than conventional records. That sounds like a bold claim in light of news about data breaches involving personal information.



New HIPAA Guidance on Ransomware Attacks and ePHI Security

By Bob Grant – HHS Office for Civil Rights has released new guidance about how HIPAA-beholden entities can better equip themselves to deal with ransomware attacks. Ransomware is a targeted kind of malware attack that takes data ‘hostage.’ The attackers responsible then give the organization a countdown to a time at which they expect to receive a ‘ransom’ in exchange for restored access to the withheld data.



The Cloud is Good, But Know Where Data Go

By Matt Fisher – A recent settlement announcement from the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) highlights the need to evaluate web-based applications and storage solutions. Web-based or cloud solutions are viable options and tools for healthcare entities to utilize, but those tools need to evaluated for compliance with HIPAA security requirements.