" hipaa Archives - Page 15 of 22 - LuxSci

Posts Tagged ‘hipaa’

Am I at HIPAA-risk if a patient replies to my secure email message?

Tuesday, January 31st, 2017

Here is a question from “Ask Erik:”

Dear Dr. Kangas,  When I write an email to a patient from my LuxSci account, it is encrypted and therefore HIPPA compliant.  When they write me back from their regular email address (it’s often hard to get them to sign up at LuxSci), they are putting [PHI /Medical Information] out without security, but that is not my HIPPA violation as I understand it because patients are not required to keep their PHI secure.  Yet often a patient replying to my email simply hits ‘reply’ and my email is attached to their reply, putting my original email in an insecure from on the Internet.  Does that become therefore a HIPPA violation of mine, especially if I continue to allow this without telling the patient to stop doing this?

Read the rest of this post »

Tags: email, hipaa, tls
Posted in LuxSci Library: HIPAA
No comments »

How To Encourage Patient Consent To Email Marketing Without Feeling Slimy

Thursday, January 26th, 2017

If email marketing is known to produce results across a variety of industries, why do some professionals feel uncomfortable with it?  Why do they feel “slimy”?  It is not uncommon for people to feel hesitant to engage in email marketing because it somehow feels “wrong” to them.    There are several factors at play in this limiting belief; in this article, we shall shed light on them to help dispel this feeling so that you can confidently get to work and grow your business, knowing that you are actually helping others.

Email marketing

Read the rest of this post »

Tags: email marketing, hipaa
Posted in HIPAA Marketing, LuxSci Library: HIPAA
No comments »

What is HIPAA-Compliant Cloud Storage?

Friday, November 11th, 2016

HIPAA-compliant cloud storage complies with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to ensure the security of healthcare patients’ data stored on remote servers accessed from the internet.

HIPAA governs how healthcare providers and their business associates, as defined in the Act, can store, manage, and share personal health information (PHI). If you’re a healthcare provider (or a cloud storage provider working with a healthcare provider), it’s important to understand how HIPAA applies to cloud storage.

With the rising popularity of services like iCloud and Dropbox, many people and companies have become more comfortable with cloud storage. There’s no question these services are convenient; being able to access universally synced data anytime, anywhere, from any device, is incredible.

HIPAA-compliant cloud storage

But that doesn’t mean these services are HIPAA-compliant. HIPAA introduces particular requirements that not every cloud storage provider satisfies.

Don’t make the mistake of assuming that a particular cloud storage option will comply with HIPAA. Storing your data “in the cloud” can make it difficult to achieve the level of security required of healthcare.

Here’s what you need to know about cloud storage to make sure your data is safe and sound — and HIPAA-compliant.

Read the rest of this post »

Tags: baa, dropbox, Google apps, hipaa, HIPAA-compliant cloud storage
Posted in LuxSci Library: HIPAA
No comments »

What Is HIPAA-Compliant Videoconferencing?

Monday, October 10th, 2016

HIPAA-compliant videoconferencing is a form of telecommunication used in health settings, allowing multiple parties (e.g., doctor and patient) to communicate via two-way video and audio transmissions. It provides patients with the same privacy and confidentiality that applies to in-person visits, protecting their information and giving the same care to storage and dissemination of the video as to paper documents under the Health Insurance Portability and Accountability Act (HIPAA).

hipaa-compliant videoconferencing

There are many advantages to videoconferencing with patients rather than meeting them in person. Some patients have limited mobility, making it difficult to visit a healthcare provider physically. Some patient follow-ups only require a quick conversation and don’t require a physical examination. It may also be much more convenient for many patients to have a video conversation than to travel to a doctor’s office. Another benefit is the cost savings; videoconferencing can be much cheaper than in-person visits.

Read the rest of this post »

Tags: hipaa, HIPAA-compliant video conferencing, hipaa-compliant videoconferencing, telehealth, video conferencing, videoconferencing
Posted in Telehealth, LuxSci Library: HIPAA
No comments »

SMS is Broken and Hackers can Read Text Messages. Never use Regular Texting for ePHI.

Thursday, June 23rd, 2016

Security firm Positive Technologies has published a report (see their overview of attack on one time passwords and PDF of the SS7 security problems) that explains how attackers can easily attack the protocols underlying the mobile text messaging networks (i.e. the Signaling System 7 or “SS7” protocol).  In their report, they indicate how this makes it easy to attack the two-factor login methods and password recovery schemes where a one-time security code is sent via an insecure text message.

Devices and applications send SMS messages via the SS7 network to verify identity, and an attacker can easily intercept these and assume identity of the legitimate user.

SMS is Insecure due to SS7 protocol

Read the rest of this post »

Tags: hipaa, Positive Technologies, secure text, Signaling System 7, sms, SS7, text message, willful neglect
Posted in LuxSci Library: HIPAA
No comments »

« Older Entries
Newer Entries »