Posts Tagged ‘ePHI’
If my web site is very simple, do I have to worry about HIPAA compliance?
Friday, March 24th, 2017
We received this question via Ask Erik from a Physicians’ Association:
“Our company website does not contain any patient information. As a healthcare group, do we need to worry about HIPAA compliance for our site? It contains forms, news and some company policies and procedures but no patient information whatsoever. Thank you.”
Thank you for your question! Here, we delve into how you can answer this for your site.
Press Release: How To Text and Remain HIPAA-compliant
Tuesday, March 15th, 2016
WESTWOOD, MA, March 15, 2016 — LuxSci® announces the recent launch of SecureText, a unique solution to concerns about HIPAA-compliant text messaging, and an important step to safeguard and secure electronic patient health information (ePHI).
Communicating through text message is a convenience to which we have grown rapidly accustomed. However, sending unsecured texts places healthcare providers and patients at risk in several ways: (1) ePHI-laden messages are not always encrypted during transmission or storage; (2) anyone with access to a recipient’s phone or stored messages can view ePHI-laden messages; and (3) some ePHI-laden text messages travel through organizations which lack required HIPAA Business Associate Agreements. Additionally, since healthcare providers are required to obtain and maintain consent from patients for texting, they must ensure that patients are adequately educated on the risks associated with sending ePHI via text and are presented with secure alternatives to insecure texting.
7 Ways You Could be Unknowingly Violating HIPAA
Friday, August 14th, 2015
Non-compliance with HIPAA can easily lead to unintended breaches where data is exposed to unauthorized parties. This can be very expensive! Violating HIPAA can cost anywhere from $100 to $50,000 per violation (or per data record).
You don’t want to be caught in a situation where inaction, neglect, or lack of knowledge can result in violating HIPAA. Many small and large organizations are often unknowingly using systems in a way that is either already in breach or which results in frequent sporadic breaches.
Check your organization!
If any of the following scenarios apply to you, it is worth bringing them up with the person responsible for compliance (your HIPAA Security Officer) to include in your mandatory yearly Risk Analysis. Is the risk of breach worth continuing with “business as usual?”
Encryption and Auditing for MySQL Databases under HIPAA
Monday, July 21st, 2014
We get many questions regarding MySQL databases and HIPAA website compliance. These range from confusion over the auditing of access to stored ePHI to what HIPAA’s data encryption requirements actually are to how HIPAA applies to MySQL databases. Next, we will attempt to address some of these subtle questions.