|
|
By Erik Kangas, PhD, President
|
Posts Tagged ‘ePHI’
Published: Wednesday, May 25th, 2011
 We are frequently approached by customers in need of HIPAA compliant email who are currently using Gmail, or who have users that are familiar with and like Gmail. They would, of course, like to add HIPAA compliance without changing any of their business processes or habits.
For example, some customers may want to setup HIPAA compliant email with LuxSci and have those secure messages forwarded to Gmail, where they can access them in their “usual way”. In general, this is a bad idea — this will almost always be non-compliant and leave them at significant risk for breaches, disclosure, and HIPAA liability.
No one who must abide by HIPAA should be accessing ePHI though Gmail.
Read the rest of this post »
Tags: checklist, ePHI, gmail, google, hipaa, hipaa compliant
Posted in LuxSci Library: HIPAA, LuxSci Library: The Technical Side of Email
No comments »
Published: Thursday, May 12th, 2011
LuxSci provides HIPAA-compliant services and must itself maintain HIPAA-compliant business operations in order to comply with HIPAA HITECH regulations. As such, many of our customers and leads look to us for exactly what they need to do to be compliant.
This article provides you with a quick and easy-to-read overview of the various things needed for compliance. The items given below should not be considered a complete or formal list for compliance, nor will doing all of these things guarantee that you are compliant.
Read the rest of this post »
Tags: addressable, compliant, encryption, ePHI, hipaa, hitech, phi protected health information, security
Posted in LuxSci Library: HIPAA
No comments »
Published: Tuesday, July 13th, 2010
 We are often approached by customers wanting to use their blackberry mobile devices to send and receive email that may contain electronic Protected Health Information (ePHI). Such customers, when they must abide by the HIPAA and HITECH laws governing medical privacy, must comply with a long set of regulations that covers, among other things, how ePHI may be transmitted over the Internet.
This article deals with the security of sending and receiving email on a Blackberry configured for Internet email services (i.e. it does not apply to those connecting to an Blackberry Enterprise Server and Exchange).
Read the rest of this post »
Tags: baa, blackberry, business associate agreement, ePHI, hipaa, hitech, privacy, security, ssl
Posted in LuxSci Library: HIPAA, LuxSci Library: The Technical Side of Email
No comments »
Published: Saturday, January 30th, 2010
 Changes to HIPAA as a result of HITECH provisions in the American Recovery and Reinvestment Act are going into effect on February 17, 2010. These changes seriously impact the requirements on Business Associates and impose significant liability penalties on HIPAA violations. For a discussion of these and how they relate to email and web services, see: HITECH 2010: HITECH Impact on Email and Web Outsourcing.
In response to these changes and to ensure that both LuxSci and its HIPAA customers are HIPAA-compliant:
- Old BAA Void: All Business Associate Agreements (BAA), formerly known as Medical Privacy Agreements, that current LuxSci customers have by virtue of the old BAA being incorporated automatically in LuxSci’s Master Services Agreement are VOID as of February 17th, 2010.
- New BAA Required: Any LuxSci Customer who is using or plans to use LuxSci for ePHI (electronic protected health information) of any kind (i.e. email, web sites, WebAides, databases, etc) must explicitly sign our new BAA and ARA (Account Restrictions Agreement) before LuxSci will consider itself a Business Associate and the customer’s LuxSci account HIPAA compliant.
LuxSci will be contacting customers that it believes might need to sign a BAA and ARA during the month of February. However, as LuxSci does not know which customers are using their account(s) for storage or transmission of ePHI, it is up to our customers to contact LuxSci to establish a BAA.
See:
Read the rest of this post »
Tags: baa, business associate agreement, ePHI, hipaa, hitech, privacy
Posted in LuxSci Insider
1 Comment »
Published: Monday, March 16th, 2009
Performing daily business transactions through electronic technologies is an accepted, reliable and necessary tool across the nation’s healthcare sectors. Therefore, electronic communications have become a standard in the healthcare industry as a way to conduct business activities that commonly include:
- Interacting with web-savvy patients;
- Real time authorizations for medical services;
- Transcribing, accessing and storing health records;
- Appointment scheduling; and
- Submitting claims to health plan payers for payment of the services provided.
Read the rest of this post »
Tags: access control, addressable, audit controls, authentication, covered entities, email security, email security rule, encryption, ePHI, Health Insurance Portability and Accountability Act, heathhealthcare, hipaa, integrity, phi, privacy, protected health information
Posted in AAA Featured Articles, LuxSci Library: HIPAA, TechNotes
9 Comments »
|
|
Receive automatic updates via email:
