" privacy Archives - Page 2 of 6 - LuxSci FYI Blog: Learn about HIPAA email encryption, secure email encryption, and more
LUXSCI

Posts Tagged ‘privacy’

The US Online Privacy Law Repeal: How It Will Affect You

Wednesday, April 5th, 2017

As with any politicized issue, there is a lot of misinformation surrounding the repeal of the data privacy framework. Regardless of whether you are a Republican or a Democrat, your online security and privacy rights are going to be affected, so let’s just get the story straight.

This whole issue began back in February 2015, when the Federal Communication Commission (FCC) set up an Open Internet Order. This established net neutrality rules and also reclassified ISPs as carriers under Title II of the Communications Act. This meant that ISPs would be subjected to a new set of regulations.

Read the rest of this post »

If my web site is very simple, do I have to worry about HIPAA compliance?

Friday, March 24th, 2017

We received this questions via Ask Erik from a Physicians’ Association:

“Our company website does not contain any patient information.  As a healthcare group, do we need to worry about HIPAA compliance for our site? It contains forms, news and some company polices and procedures but no patient information whatsoever. Thank you.”

Thank you for your question!  Here, we delve into how you can answer this for your site.

 

Read the rest of this post »

Are you encouraging insecurity via your Web site contact and intake forms?

Friday, April 15th, 2016

Many Web sites have “contact us” pages and other Web forms for receiving requests from existing or potential customers.  This includes “new patient intake” forms on the Web sites of healthcare providers.

 

The garden variety Web form suffers from several serious problems:

  • Spam – Getting unwanted form submissions from Web robots.
  • Privacy – Often, sensitive data is submitted insecurely through these forms.
  • Archival – You may need an archived record and backup of all submissions.
  • Notices – You may need to be alerted of form submissions, even if you are not online.

Proactive privacy vs. neglect of privacy

When your Web forms transmit data insecurely, store or send data insecurely, or otherwise to do not treat the data submitted with the level protection that it deserves, you are putting the users of your forms at risk.

The typical argument is that “it is up to the user of the forms to decide if they want to submit sensitive information.” In fact, many insecure forms even have disclaimers requesting people to not submit sensitive information if they have concerns … and then the forms go on to ask lots of sensitive questions.   Especially without a disclaimer, but even with one, the form is actively soliciting people to submit their information insecurely and requesting them to take risks with their private data.   This is not good.

In areas such as healthcare, where these forms are often collecting sensitive health data (protected health information – PHI), the fact that an organization solicits the submission of PHI through insecure, non-HIPAA-compliant means is far from a “best practice”.  Why?

Read the rest of this post »

Capture where someone filled out your form: Geolocation for SecureForm Form Builder

Monday, February 22nd, 2016

A nurse from your company visits a patient at his/her home and, as part of the process, has to fill out and submit an electronic form describing the visit while there. Capturing the nurse’s exact location (without the need to trust the nurse) when she or he fills out that form is a critical check that the patient received proper care—at the right time and place. This not only protects against nurses lying about their whereabouts, but it also defends you against patients who claim the nurse was not there at a specific time.

Geolocation

Geolocation is the ability for phone, tablet, and some laptops to know exactly where you are in the world (for example, through GPS or other means). This feature is visible in modern Web browsers so that Web pages can query the user’s device to find out the device’s current latitude and longitude and that can translate it into the approximate street address (assuming the location is close to some street address).

Read the rest of this post »

LuxSci takes email privacy seriously … Google owns your Gmail data forever

Wednesday, April 16th, 2014

In recent news, Google is warning consumers that Gmail and google apps are actively scanning your email.

What does this mean?  Google on Tuesday edited its privacy policy to say:

Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.

When you upload, submit, store, send or receive content to or through our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content.

Read the rest of this post »

LUXSCI