We have written extensively in the past about the impact of HIPAA regulations on email services, web hosting, faxing, and Skype use. The recent HIPAA changes reflected in the Omnibus rule have a significant impact on the use of these types of services. Here, we examine the new and important considerations based upon the HIPAA Omnibus Rule.
Read the rest of this post »
While use of mobile devices and tablets in medical situations is pervasive; HIPAA compliant synchronization and storage of such information is often seriously lacking. Everyone knows email can contain ePHI, but calendar appointments, address books, and task lists can and do contain just as much ePHI and their secure use must be strictly enforced.
LuxSci’s WebAide collaboration tools, combined with MobileSync for real-time synchronization with mobile phone and tablets (and Outlook 2013), provide a simple and effective HIPAA compliant solution for synchronized mobile accessible calendars, contacts and reminders or tasks (oh ya, and email).
Read the rest of this post »
FTP, the “File Transfer Protocol” has been around almost since the inception of the Internet. As anyone with a web site knows, it permits files to be easily uploaded to and downloaded from servers. It is built into every kind of web site authoring software and even into most web browsers.
Unfortunately, FTP suffers from the same design flaw that pervades the basic usage of email services like POP, IMAP, and SMTP. If used in its default form, all data sent between your computer and the server is sent unencrypted, in “plain text”. This includes your username, your password, and all file data.
Essentially, if you are in a wifi hotspot, anyone there can likely get your username and password and read your files. Similar things can happen even though your direct or or office network connections …. connecting via FTP is like walking down the hall with your username and password taped to your forehead. Any one (or any hidden camera) can see it and use it.
Read the rest of this post »
LuxSci is a small company and our staff are well trained and vigilant, watching for social engineering and other attacks on your accounts and data. We have very strict privacy policies and internal security policies designed to ensure that your data remains confidential and that nothing unauthorized happens to your accounts.
This may sound like normal business, but it really isn’t. We take extra care to protect you.
Read the rest of this post »
WordPress is an extremely popular content management system for both blogging and creating web sites. It’s popular because it is quick to set up, easy to administer, has a very large supported base of add-ons, and looks good. As a result, many LuxSci customers use WordPress in one fashion or another for their web sites hosted at LuxSci.
As we cater to a large segment of customers who have specific compliance needs, e.g. HIPAA compliance, we frequently are asked about using WordPress with ePHI … e.g. using WordPress to provide access to protected health information for members of the WordPress site.
Can this be compliant? Is it a good idea?
Read the rest of this post »
