" hipaa Archives - Page 11 of 22 - LuxSci

Posts Tagged ‘hipaa’

Cyber Espionage Infiltrates American Small Business

Tuesday, January 30th, 2018

The last thing an architect could imagine is that his company’s proposal for a new commercial building site along a stunning San Francisco Bay view would lose to a competitor with a similar design and infrastructure, a lower bid, and a leaner delivery schedule. It happened. And cyber-espionage was the culprit.

New technology spans the globe, and small businesses find themselves victims of espionage as someone steals their sales pipelines, customer lists, corporate secrets, and corridors to their Fortune 1000 clients without their knowledge. It was Robert Mueller, former head of the FBI, who stated in 2012 that “there are only two types of companies: those that have been hacked and those that will be.” A well-known attorney updated that comment recently when he warned his colleagues that “You are a company that has been hacked or a company that doesn’t know you were hacked.” This is a reality check for all business owners.


Ask Erik: Is misaddressed email a HIPAA breach?

Friday, December 8th, 2017


Trust Seals & Their Impact on Sales: Things You Should Know

Wednesday, November 8th, 2017

With visually appealing trust seals on your website, you can expect to get more leads and improve sales.

Have you ever noticed a logo on an e-commerce site announcing that its payment system will not compromise your credit card information? This is one example of a class of trust-building tools called trust seals. Trust seals appear on a site in various forms, such as a logo, icon or badge. They may be placed in the header, near a form, or in the footer or navigation menu.

Some common examples of trust seals are LuxSci’s HIPAA certification seal, Better Business Bureau (BBB), McAfee, TrustedShops, SiteLock, GeoTrust, Thawte, Comodo, PayPal, Visa, Google, Verisign, TRUSTe seals and Shopify.

A graduation certificate from MIT or Oxford will most probably land you a high-paying job, right? (After that, your performance will decide how long the employer retains you.) This is similar to what trust seals do for your business.


How to Enhance EHR Security for Small Businesses

Monday, October 30th, 2017

Using a few added security services, small and medium businesses can run affordable EHR systems without worry. Find your options. 

Whether your practice uses a thousand-dollar EHR (Electronic Health Record) or free software, security should be your primary concern. Small and medium businesses (SMBs) are not financially equipped to pay a large sum for expensive EHR systems. Moreover, the software from large vendors may not exactly meet the requirements of SMBs. For these reasons, SMBs often rely on less expensive options.

This is arguably a smart move from an economic point of view. But what about the security of health information in electronic health records? Do these systems fully comply with regulatory requirements, including HIPAA? Is there a way to enhance the security of an EHR using other means?

EHR Security for Small Business

No doubt, the government requires every EHR vendor to follow basic security measures like encryption (during storage) and access control. However, these might not be enough to prevent a sophisticated attack. Moreover, a number of processes during the use of an EHR can still be open to attack, for example texting, videoconferencing (video telehealth), and sending or receiving email.

Under HIPAA, EHR vendors become business associates only when they have access to the health information. Simply put, if they host your data, they have to comply with all the requirements just like the covered entities. However, vendors who merely sell software do not need to sign a business associate agreement (BAA).


WordPress & HIPAA – can these coexist?

Monday, October 23rd, 2017

For a deep dive, see our white paper: Securing WordPress

As we discussed in an earlier post, WordPress, despite its vulnerabilities, is the world’s most popular content management system for both blogging and creating web sites. It is popular because it is quick to set up and easy to administer, with a very large choice of plugins for add-on functionality and themes for making sites look good. As a result, many LuxSci customers use WordPress in one fashion or another for their web sites hosted at LuxSci.

As LuxSci caters to a large segment of customers who have compliance needs, in particular HIPAA compliance, we are frequently asked about using WordPress in a medical provider setting. Given the information about WordPress vulnerabilities, the question usually asked is whether a site created using WordPress can secure access to electronic protected health information (ePHI) in a way that meets the requirements of the HIPAA-HITECH regulations.

WordPress for HIPAA-compliant sites?

Such questions are reasonable because, although WordPress has many great features that make it quick and easy to get a web site running, it is still a third-party tool that is not specifically designed to conform to HIPAA standards. When using any third-party software, you should be aware of the associated risks that are out of your control. Vulnerabilities in WordPress can disrupt your site’s availability and perhaps even lead to a breach of protected and private information. Even if it is the WordPress software that’s at fault, the responsibility for any security lapses still falls on the site owner.

However, it is not all doom and gloom. The short answer to the question posed in the title of this post is “yes”. It is possible, with care, to build a site with WordPress (including plugins and themes) that is secured in a way that meets the requirements of the HIPAA security rules. The remainder of this post will discuss how this might be achieved.
