" Privacy | LuxSci FYI privacy « LuxSci FYI

Posts Tagged ‘privacy’

Security: A Year in Review

Wednesday, March 14th, 2012

Over the last 12 months, LuxSci has added many new features, enhanced services, and improved usability.  We have also made a large number of security and privacy improvements.

Some of the most conspicuous of these include changes to User Account Access, HIPAA Security, SecureForm, Backups, Restores, Email Security, Credit Card Security,  Auditing, Security of Support Access to Data, Web Hosting, and Firewalls.


What is Social Engineering?

Friday, July 1st, 2011

It is often thought that viruses and malware are the biggest threats to your personal information, but there is an even greater threat that often goes undetected. Social Engineering is a technique used by people to gather your personal or secure information without you even thinking twice about giving it away. Social Engineering is most often performed over the phone, but could just as easily be done via email, text messaging, or any other form of communication; you can be Social Engineered by anyone.

In the most basic form, Social Engineering is when someone poses as someone else (i.e. a trusted friend or colleague) to trick you into divulging sensitive information.  “Hey, this is PayPal, please follow this link and re-enter all your banking details — it’s ok, really!”


iPhone Security Apps and Configuration Tips

Wednesday, May 18th, 2011

There are several great iPhone Security Apps and a handful of good and simple configuration changes that you can make to your iPhone to greatly enhance your iPhone security and protect your sensitive information and identity.  We have seen security vulnerabilities in iPhone including flaws in pass code access (since fixed), so it makes sense to take proactive measures — especially as attacks on mobile devices are growing rapidly.

Easy Configuration Changes for Security and Privacy

There are several iPhone configuration settings that you should change to start protecting your iPhone.  The first thing to do is “Don’t Jailbreak Your iPhone”.  Jailbreaking removes much of the security inherent in the iPhone and makes it much easier for malicious software or users to gain access.  Furthermore, Apps that you can install on a Jailbroken phone may not have gone through any kind of screening process — you have to “trust” that they are OK.


Facebook: Quick Steps to Lockdown Security and Privacy

Saturday, May 7th, 2011

Facebook use is ubiquitous–you can even “Like” this post on Facebook right from our blog.  As most people know, the default account settings in Facebook are very weak in terms of security and extremely permissive in terms of privacy (Facebook doesn’t really believe in privacy).

For an in-depth guide to Facebook’s settings and their security and privacy impact, we recommend reviewing Facebook Security Best Practices by Sophos.

Here, we provide a set of very important and simple changes you can make to your Facebook account to significantly improve security and privacy.  You can think of these suggestions as the “low hanging fruit”.


Is Blackberry HIPAA Compliant? What You Need To Know

Tuesday, July 13th, 2010

We are often approached by customers wanting to use their Blackberry mobile devices to send and receive email that may contain electronic Protected Health Information (ePHI).  Such customers, when they must abide by the HIPAA and HITECH laws governing medical privacy, must comply with a long set of regulations that covers, among other things, how ePHI may be transmitted over the Internet.

This article deals with the security of sending and receiving email on a Blackberry configured for Internet email services (i.e. it does not apply to those connecting to a Blackberry Enterprise Server and Exchange).


EU Safe Harbor

Wednesday, March 10th, 2010

LuxSci has updated its privacy policy with the help of TRUSTe to ensure that LuxSci abides by the EU Safe Harbor Framework as outlined by the U.S. Department of Commerce and the European Union.  Read LuxSci’s privacy policy.

Lux Scientiae is a licensee of the TRUSTe Privacy Program. TRUSTe is an independent organization whose mission is to build users’ trust and confidence in the Internet by promoting the use of fair information practices. This privacy statement covers the Web site www.luxsci.com. Because this Web site wants to demonstrate its commitment to your privacy, it has agreed to disclose its information practices and have its privacy practices reviewed for compliance by TRUSTe.

If you have questions or concerns regarding this statement, you should first contact the Lux Scientiae Privacy Officer. If you do not receive acknowledgment of your inquiry or your inquiry has not been satisfactorily addressed, you should contact TRUSTe. TRUSTe will then serve as a liaison with us to resolve your concerns.

Lux Scientiae complies with the EU Safe Harbor framework as set forth by the Department of Commerce regarding the collection, use, and retention of data from the European Union.

HIPAA HITECH Business Associate Agreement and LuxSci Account Requirements

Saturday, January 30th, 2010

Changes to HIPAA as a result of HITECH provisions in the American Recovery and Reinvestment Act are going into effect on February 17, 2010.  These changes seriously impact the requirements on Business Associates and impose significant liability penalties on HIPAA violations.  For a discussion of these and how they relate to email and web services, see: HITECH 2010: HITECH Impact on Email and Web Outsourcing.

In response to these changes and to ensure that both LuxSci and its HIPAA customers are HIPAA-compliant:

  • Old BAA Void: All Business Associate Agreements (BAA), formerly known as Medical Privacy Agreements, that current LuxSci customers have by virtue of the old BAA being incorporated automatically in LuxSci’s Master Services Agreement are VOID as of February 17th, 2010.
  • New BAA Required: Any LuxSci Customer who is using or plans to use LuxSci for ePHI (electronic protected health information) of any kind (i.e. email, web sites, WebAides, databases, etc) must explicitly sign our new BAA and ARA (Account Restrictions Agreement) before LuxSci will consider itself a Business Associate and the customer’s LuxSci account HIPAA compliant.

LuxSci will be contacting customers that it believes might need to sign a BAA and ARA during the month of February.  However, as LuxSci does not know which customers are using their account(s) for storage or transmission of ePHI, it is up to our customers to contact LuxSci to establish a BAA.

See:


LuxSci Strengthens Its Privacy Policy

Saturday, January 30th, 2010

LuxSci has made some changes to its Privacy Policy.  These changes expand the types of things that LuxSci considers to be confidential and strengthen LuxSci’s confidentiality statement.  The Privacy Policy is posted here – Lux Scientiae Privacy Policy.


HIPAA 2010: HITECH Impact on Email and Web Outsourcing

Wednesday, January 20th, 2010

Surprise!  HIPAA has changed, gotten bigger, and grown teeth.

The American Recovery and Reinvestment Act (ARRA, or The Obama Stimulus Bill), signed into law in February 2009, includes new, more comprehensive provisions for HIPAA. These provisions are in a section of the bill known as the Health Information Technology for Economic and Clinical Health Act (HITECH).

For organizations that are already required to abide by HIPAA (i.e. the “Covered Entities” of HIPAA), HITECH adds the following requirements:


Does sending email using BCC make it HIPAA Compliant?

Thursday, April 9th, 2009

People have asked us if sending an email to someone via BCC (Blind Carbon Copy) is HIPAA-compliant, for example, a doctor’s office sending a newsletter to its patients via BCC.  The presumption is that because the recipient’s email address is not visible in a message sent via BCC, there is no way to identify the individual(s) to whom the message was sent, and thus the messages do not contain any “personally identifiable health information” that is protected by HIPAA.

The short answer is “BCC is not good enough”.  For the long answer, read on.

