breach Archives - LuxSci FYI Blog: Learn about HIPAA email encryption, secure email encryption, and more
LUXSCI

Posts Tagged ‘breach’

Ask Erik: Is misaddressed email a HIPAA breach?

Friday, December 8th, 2017


The HIPAA Breach Notification Rule: What it Really Means to Providers and Insurers

Friday, September 15th, 2017

For many providers and insurers, the Breach Notification Rule is still a puzzle waiting for a solution. Partly, this is due to the fact that the rule is complex in itself, and requires attention to every detail. As a matter of fact, we cannot expect to be at our best when someone has stolen our sensitive information.

Do you understand the HIPAA breach notification rule?

To address this problem in the wake of rising health data breaches, we have compiled an easy-to-understand guide to the Breach Notification Rule. Let’s begin the journey with a quick overview of the Breach Notification Rule and its purpose.


HIPAA FAX Breach: Why health care should finally stop faxing

Monday, September 11th, 2017

For more information, see:


The Equifax Breach: What you need to know

Friday, September 8th, 2017

Update: Equifax’s lawyers have since updated their language on the use of Equifax services as it relates to being able to participate in a class action lawsuit. While New York Attorney General Eric Schneiderman said the forced arbitration terms of service are “unenforceable” and should be removed, Equifax has added language to its “FAQs for Consumers” that the arbitration clause in the “Terms of Use” does not apply to “the cybersecurity incident.”


HIPAA Compliance and Emails: A View from the Trenches

Monday, August 28th, 2017

We have scoured the internet for real-life examples on the use of emails in medical scenarios, the better to be able to convince our readers of the points we have made in past posts about the perils and pitfalls of using unsecured emails for communications. Email is one of the oldest (some even refer to it as “legacy”) tools in our always-connected, digital world. However, its use between patients and their medical providers and amongst doctors and their business associates can be fraught with issues that may violate the provisions of the Health Insurance Portability and Accountability Act (HIPAA).

The HIPAA privacy rules require covered entities and their business associates to protect patients’ health information from unauthorized disclosure. The HIPAA security rules do not mandate specific technologies or prohibit others. In fact, HIPAA

“…allows covered health care providers to communicate electronically, such as through e-mail, with their patients, provided they apply reasonable safeguards when doing so.”

An imperfect understanding of patients’ privacy concerns, lack of proficiency in using computers or access to them, misguided policies on usage – all these play a part in HIPAA privacy breaches. The consequences of such breaches can be quite burdensome for the medical provider.

HIPAA-compliant email

In a previous post, we provided some data on HIPAA-related complaints filed with the US Health and Human Services’ (HHS) Office of Civil Rights (OCR). There were 350 breaches of unprotected health information involving 500 or more individuals reported in the last two years to the HHS and under investigation by OCR. 75 of these had their origin in email, with half this number involved in unauthorized access or disclosure.

Medical providers often forget (or might even be unaware of) “reasonable safeguards” that can easily be implemented to prevent emails from leaking information that patients might consider as compromising their privacy. By analyzing some real-life examples of how email is used (well, actually misused) in practice, we hope this post can convince you of reasonable safeguards that can make email a useful and efficient part of your workflow while conforming to HIPAA.
