Email gateways are a leading cause of security breaches. The optimistic view is that effective email security practices, firewalls, mobile device security, wireless security, endpoint security, web security, behavioral best practices, data loss prevention and network access control – among other solutions – can ensure foolproof security. The realistic view is that email – or […]
As a healthcare provider, or for that matter, any entity that works with healthcare clients, you are probably already aware of the fact that you cannot use traditional web forms to accept PHI (Protected Health Information). That would be a gross violation of the HIPAA regulations and can get you into trouble. For instance, you […]
Most businesses and organizations today use online forms to collect customer information. The same applies to healthcare companies. But, healthcare companies need to abide by stringent regulations concerning PHI or Protected Health Information under HIPAA. So, it is of the utmost importance for such organizations to follow certain best practices when designing these forms. Let’s […]
HIPAA’s encryption requirements fall in a grey area. This is mainly due to two reasons: encryption is required when ‘deemed appropriate’, which means email encryption is not absolutely necessary and ‘mutual consent’ can be used in place of encryption. there are a number of ‘addressable requirements’ pertaining to the technical safeguards as far as ePHI […]
In a question recently submitted to “Ask Erik,” John asked: “How does sending a TLS-encrypted email sometimes become non-compliant? Lets says I send an email from my Office 365 Business account to a gmail.com account which both support TLS encryption. Is it because I do not know what path and what servers the email has […]
