" privacy Archives - HIPAA News, Web & Email Security Tips & News - Plus More | LuxSci
LuxSci

Posts Tagged ‘privacy’

6 Essentials For Privacy and Security in Telehealth

Thursday, September 21st, 2017

HIPAA covers Telehealth but does this make it safe? Learn the measures that ensure patient safety and privacy while using a virtual doctor visit program. 

The rise of telehealth in healthcare has transformed patient-doctor interaction. Nonetheless, the privacy and security of protected health information (PHI) still remain a big question. These concerns make sense because a new technology, usually, comes with new challenges.

What is Telehealth?

Luckily, every problem comes with a solution. Thus, making a few smart choices can work wonders to keep the patient data protected.

Read the rest of this post »

Kick Your Privacy Up a Notch with Tor

Monday, May 8th, 2017

Online privacy is becoming more important as our lives increasingly migrate to the internet. With government surveillance intensifying, you may have come across the term Tor as a way to protect yourself. So what exactly is it?

The Onion Router (TOR), is an open source project that aims to provide anonymous communication for its users. The underlying technology was initially developed by the United States Naval Research Laboratory in the nineties as a way to protect communications within the intelligence community. Tor has since moved over to the open source community, supported by a range of volunteers, privacy advocacy groups, various US government departments and others.

Tor - The Onin Router

Tor allows web browsing, messaging and chat, as well as access to .onion websites, which are a secretive side of the internet. Unfortunately, Tor cannot give a user complete anonymity, particularly from government level surveillance. This is because these entities have the capability to correlate the traffic that goes into Tor with the traffic that exits. Despite this, it is still a useful tool that can help to enhance privacy in a range of use cases.

Read the rest of this post »

Generation Z are Hitting the Workforce: is Your Business Ready to Keep them Secure?

Monday, May 1st, 2017

Generation Z are already beginning to embark on their careers. While the divide between each era is certainly blurry, those born after the mid 90s tend to have different attitudes to life and the workplace compared to those who came before them.

Understanding Generation Z, their habits and their values is crucial for any business that wants to fully embrace the next wave of talent. It’s important to remember that their different views and practices will also have a range of security ramification. From their desire to constantly stay connected down to their privacy attitudes, the way that the new generation functions means that companies need to adapt in order to stay secure.

Generation Z

Read the rest of this post »

Tighten Up Your Security with a VPN: LuxSci’s Guide to Choosing One that Works for You

Monday, April 24th, 2017

As online crime figures continue to grow and government spying moves forward unabated, many people are becoming worried about their privacy and security. With the US Government striking down a set of privacy laws that were set to boost individual rights on the internet, things are getting pretty grim.

In recent years, VPNs have become more popular for personal use as individuals attempt to reclaim some sense of anonymity online. Given how many entities could be looking at your activity – governments, advertisers, your ISP and criminals – a VPN is one of many tools you can use to help protect yourself. VPNs can also be useful for circumventing censorship or accessing geo-restricted content.VPN Security

A VPN can be excellent for helping you stay safe online, but you also need to be aware of the limitations. Unfortunately, VPNs aren’t some magic technology that immediately makes you impenetrable – they are merely something that enhances your security.

You also need to be aware that not all VPNs are created equal. In fact, the VPN industry is incredibly messy and the dodgy operators far outnumber the good. There is a huge disparity in the services and protection level that are on offer. This ranges from the free VPNs, which are poorly regarded, to the scammy companies that are just in it to make a buck, to the more trusted options that generally have good reputations. Finding a reliable VPN isn’t the end of the battle. You also have to set it up and use it properly.

Read the rest of this post »

Data Privacy Laws: How Does the US Stack Up Against the EU?

Wednesday, April 12th, 2017

by Josh Lake

As the media attention surrounding the repeal of the data privacy framework begins to calm down, now is the perfect time to examine where the USA stands with our current laws. As one of the most culturally and economically similar parts of the world, comparing our laws against Europe’s can provide a good frame of reference.

While the US government is focusing on stripping back red tape in a bid to kickstart business, the European Union has gone in the other direction and is stepping up its bureaucracy with the General Data Protection Regulation (GDPR). These new laws come into play in May 2018, so businesses are hard at work to make sure they will be compliant when the date swings around.

Read the rest of this post »

The US Online Privacy Law Repeal: How It Will Affect You

Wednesday, April 5th, 2017

As with any politicized issue, there is a lot of misinformation surrounding the repeal of the data privacy framework. Regardless of whether you are a Republican or a Democrat, your online security and privacy rights are going to be affected, so let’s just get the story straight.

This whole issue began back in February 2015, when the Federal Communication Commission (FCC) set up an Open Internet Order. This established net neutrality rules and also reclassified ISPs as carriers under Title II of the Communications Act. This meant that ISPs would be subjected to a new set of regulations.

Read the rest of this post »

If my web site is very simple, do I have to worry about HIPAA compliance?

Friday, March 24th, 2017

We received this questions via Ask Erik from a Physicians’ Association:

“Our company website does not contain any patient information.  As a healthcare group, do we need to worry about HIPAA compliance for our site? It contains forms, news and some company polices and procedures but no patient information whatsoever. Thank you.”

Thank you for your question!  Here, we delve into how you can answer this for your site.

 

Read the rest of this post »

Are you encouraging insecurity via your Web site contact and intake forms?

Friday, April 15th, 2016

Many Web sites have “contact us” pages and other Web forms for receiving requests from existing or potential customers.  This includes “new patient intake” forms on the Web sites of healthcare providers.

 

The garden variety Web form suffers from several serious problems:

  • Spam – Getting unwanted form submissions from Web robots.
  • Privacy – Often, sensitive data is submitted insecurely through these forms.
  • Archival – You may need an archived record and backup of all submissions.
  • Notices – You may need to be alerted of form submissions, even if you are not online.

Proactive privacy vs. neglect of privacy

When your Web forms transmit data insecurely, store or send data insecurely, or otherwise to do not treat the data submitted with the level protection that it deserves, you are putting the users of your forms at risk.

The typical argument is that “it is up to the user of the forms to decide if they want to submit sensitive information.” In fact, many insecure forms even have disclaimers requesting people to not submit sensitive information if they have concerns … and then the forms go on to ask lots of sensitive questions.   Especially without a disclaimer, but even with one, the form is actively soliciting people to submit their information insecurely and requesting them to take risks with their private data.   This is not good.

In areas such as healthcare, where these forms are often collecting sensitive health data (protected health information – PHI), the fact that an organization solicits the submission of PHI through insecure, non-HIPAA-compliant means is far from a “best practice”.  Why?

Read the rest of this post »

Capture where someone filled out your form: Geolocation for SecureForm Form Builder

Monday, February 22nd, 2016

A nurse from your company visits a patient at his/her home and, as part of the process, has to fill out and submit an electronic form describing the visit while there. Capturing the nurse’s exact location (without the need to trust the nurse) when she or he fills out that form is a critical check that the patient received proper care—at the right time and place. This not only protects against nurses lying about their whereabouts, but it also defends you against patients who claim the nurse was not there at a specific time.

Geolocation

Geolocation is the ability for phone, tablet, and some laptops to know exactly where you are in the world (for example, through GPS or other means). This feature is visible in modern Web browsers so that Web pages can query the user’s device to find out the device’s current latitude and longitude and that can translate it into the approximate street address (assuming the location is close to some street address).

Read the rest of this post »

LuxSci takes email privacy seriously … Google owns your Gmail data forever

Wednesday, April 16th, 2014

In recent news, Google is warning consumers that Gmail and google apps are actively scanning your email.

What does this mean?  Google on Tuesday edited its privacy policy to say:

Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.

When you upload, submit, store, send or receive content to or through our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content.

Read the rest of this post »