|
|
Edited by Erik Kangas, PhD President of LuxSci
|
Posts Tagged ‘privacy’
Tuesday, July 13th, 2010
We are often approached by customers wanting to use their blackberry mobile devices to send and receive email that may contain electronic Protected Health Information (ePHI). Such customers, when they must abide by the HIPAA and HITECH laws governing medical privacy, must comply with a long set of regulations that covers, among other things, how ePHI may be transmitted over the Internet.
This article deals with the security of sending and receiving email on a Blackberry configured for Internet email services (i.e. it does not apply to those connecting to an Blackberry Enterprise Server and Exchange).
Read the rest of this post »
Tags: baa, blackberry, business associate agreement, ePHI, hipaa, hitech, privacy, security, ssl Posted in LuxSci Library: HIPAA, LuxSci Library: The Technical Side of Email
No comments »
Wednesday, March 10th, 2010
LuxSci has updated its privacy policy with the help of TRUSTe to ensure that LuxSci abides by the EU Safe Harbor Framework as outlined by the U.S. Department of Commerce and the European Union. Read LuxSci’s privacy policy.
Lux Scientiae is a licensee of the TRUSTe Privacy Program. TRUSTe is an independent organization whose mission is to build users’ trust and confidence in the Internet by promoting the use of fair information practices. This privacy statement covers the Web site www.luxsci.com. Because this Web site wants to demonstrate its commitment to your privacy, it has agreed to disclose its information practices and have its privacy practices reviewed for compliance by TRUSTe.
If you have questions or concerns regarding this statement, you should first contact the Lux Sceintiae Privacy Officer. If you do not receive acknowledgment of your inquiry or your inquiry has not been satisfactorily addressed, you should contact TRUSTe at TRUSTe. TRUSTe will then serve as a liaison with us to resolve your concerns
Lux Scientiae complies with the EU Safe Harbor framework as set forth by the Department of Commerce regarding the collection, use, and retention of data from the European Union.
Tags: privacy Posted in LuxSci Insider
No comments »
Saturday, January 30th, 2010
Changes to HIPAA as a result of HITECH provisions in the American Recovery and Reinvestment Act are going into effect on February 17, 2010. These changes seriously impact the requirements on Business Associates and impose significant liability penalties on HIPAA violations. For a discussion of these and how they relate to email and web services, see: HITECH 2010: HITECH Impact on Email and Web Outsourcing.
In response to these changes and to ensure that both LuxSci and its HIPAA customers are HIPAA-compliant:
- Old BAA Void: All Business Associate Agreements (BAA), formerly known as Medical Privacy Agreements, that current LuxSci customers have by virtue of the old BAA being incorporated automatically in LuxSci’s Master Services Agreement are VOID as of February 17th, 2010.
- New BAA Required: Any LuxSci Customer who is using or plans to use LuxSci for ePHI (electronic protected health information) of any kind (i.e. email, web sites, WebAides, databases, etc) must explicitly sign our new BAA and ARA (Account Restrictions Agreement) before LuxSci will consider itself a Business Associate and the customer’s LuxSci account HIPAA compliant.
LuxSci will be contacting customers that it believes might need to sign a BAA and ARA during the month of February. However, as LuxSci does not know which customers are using their account(s) for storage or transmission of ePHI, it is up to our customers to contact LuxSci to establish a BAA.
See:
Read the rest of this post »
Tags: baa, business associate agreement, ePHI, hipaa, hitech, privacy Posted in LuxSci Insider
1 Comment »
Saturday, January 30th, 2010
LuxSci has made some changes to it Privacy Policy. These changes expand the types of things that LuxSci considers to be confidential and strengthen LuxSci’s confidentiality statement. The Privacy Policy is posted here – Lux Scientiae Privacy Policy.
Read the rest of this post »
Tags: confidentiality, non-disclosure, privacy, privacy policy Posted in LuxSci Insider
No comments »
Wednesday, January 20th, 2010
Surprise! HIPAA has changed, gotten bigger, and grown teeth.
The American Recovery and Reinvestment Act (ARRA, or The Obama Stimulus Bill), signed into law in February 2009, includes new, more comprehensive provisions for HIPAA. These provisions are in a section of the bill known as the Health Information Technology for Economic and Clinical Health Act (HITECH).
For organizations that are already required to abide by HIPAA (i.e. the “Covered Entities” of HIPAA), HITECH adds the following requirements:
Read the rest of this post »
Tags: 2010, arra, business associate, covered entity, email security, hipaa, hitech, obama stinulus, phi, privacy Posted in AAA Featured Articles, LuxSci Library: HIPAA, LuxSci Library: Security and Privacy
6 Comments »
Thursday, April 9th, 2009
People have asked us if sending an email to someone via BCC (Blind Carbon Copy) is HIPAA-compliant. For example, a doctor’s office sending a newsletter to its patients via BCC. The presumption is that because when a message is sent via BCC, the recipient’s email address is not visible in the message that there is no way to identify the individual(s) to whom the message was sent and thus the messages do not contain any “personally identifiable health information” that is protected by HIPAA.
The short answer is “BCC is not good enough“. For the long answer, read on.
Read the rest of this post »
Tags: bcc, blind carbon copy, hipaa, newsletter, phi, privacy Posted in Business Solutions, LuxSci Library: HIPAA
No comments »
Monday, March 16th, 2009

Performing daily business transactions through electronic technologies is an accepted, reliable and necessary tool across the nation’s healthcare sectors. Therefore, electronic communications have become a standard in the healthcare industry as a way to conduct business activities that commonly include:
- Interacting with web-savvy patients;
- Real time authorizations for medical services;
- Transcribing, accessing and storing health records;
- Appointment scheduling; and
- Submitting claims to health plan payers for payment of the services provided.
Read the rest of this post »
Tags: access control, addressable, audit controls, authentication, covered entities, email security, email security rule, encryption, ePHI, Health Insurance Portability and Accountability Act, heathhealthcare, hipaa, integrity, phi, privacy, protected health information Posted in AAA Featured Articles, LuxSci Library: HIPAA, TechNotes
7 Comments »
Sunday, March 8th, 2009
Email security issues and technologies are extremely complicated; however, here we intend to make the salient issues and solutions clearly understandable to all readers.
You may already know that email is not a perfectly secure communication medium; however, it might surprise you to learn just how inherently insecure email can be. Messages thought deleted can still exist in backup folders on remote servers years after being sent. Hackers can read and modify messages in transit, use your usernames and passwords to login to your online services, and steal your identity and critical information!
As the amount of crucial business conducted via email increases, so does the amount of Spam, viruses, hacking, fraud, and other malicious activity. Unless precautions are taken, email can leave you and your business open to escalating security and privacy risks. What are these risks?
Read the rest of this post »
Tags: anonymous, eavesdropping, email bombs, email security, email threats, privacy, spam, viruses, worms Posted in AAA Featured Articles, LuxSci Library: Security and Privacy, TechNotes
1 Comment »
Saturday, January 31st, 2009
LuxSci has allowed use of OpenIDs provided by third parties for access to user accounts since December. Proper use of OpenIDs can make logging into sites such as LuxSci both faster and more secure.
Now, LuxSci is also an OpenID Provider. This means that you can create an OpenID based on your existing LuxSci account that can be used as a single sign on to any other web site that supports OpenID.
Read the rest of this post »
Tags: affiliate, cookie, openid, openid provider, password, privacy, provider, reports, secue OpenIDs, security, single sign on, webmail password Posted in New Feature Announcements
No comments »
Monday, January 26th, 2009
LuxSci has added plug-ins to its WebMail application in version 10.10 of LuxSci’s software which includes two JAVA applets. So, were we hesitant to add JAVA applets, FLASH, ActiveX, and other plugins in the first place? And why the sudden change of heart? What does this mean for our customers who are concerned about security or who do not want or cannot use JAVA applets?
Read the rest of this post »
Tags: activex, bulk, cascading style sheets, chrome, cookies, css, file, firefox, flash, html, internet explorer, java, java applet, javascript, mobile, opera, privacy, safari, security, webaides, webmail, xpress Posted in LuxSci Insider
1 Comment »
|
|