" secure Archives - Page 2 of 3 - LuxSci

Posts Tagged ‘secure’

Does my online form have to be HIPAA Compliant if it doesn’t ask for medical information?

Monday, September 29th, 2014

HIPAA FormsFor folks in the medical field, there is often a lot of uncertainty regarding which kinds of web forms need HIPAA compliance and which ones do not.  We often have customers asking if this or that form really needs to be secure or not.

The short answer is that you should probably just make ALL of your forms secure, like like it is best to make all pages of your web site secure, no matter what is on the page.  This instills more trust in your web visitors and as a result results in more business.  It doesn’t take much work to secure your forms, so you might as well just do it for all of them in a clear and consistent way.  Your user’s data will be protected, and they will know that you are looking to make the best choices for them, even in cases where it might not strictly be necessary.  This is a good thing.

Back to the original question….

If you are a medical office, do some forms not need to be secure and HIPAA compliant, depending on what is collected?

Note: the following is suggested advice from LuxSci based on our understanding of HIPAA; however, this should not be taken as legal advice.  We advise you to consult your lawyer for accurate legal advice pertaining to your particular situation.

HIPAA requires that all electronic Protected Health Information (ePHI) be secured to protect the privacy of the individuals identified in the ePHI.  So, as long as either (a) HIPAA does not apply to you, or (b) your form does not collect ePHI, then you do not have to secure the web form.

Let’s look at each of the two criteria so that you can tell if either one may apply to you or your form.

Read the rest of this post »

Case Study: LuxSci SecureForm and Ink Signatures Eliminate Downloading, Printing, Signing, and Faxing of Contracts

Friday, January 31st, 2014

For legal reasons, LuxSci’s HIPAA customers are required to physically sign a “Business Associate Agreement” and return it to us.  While this is a simple and commonplace request, it creates a lot of busy work on the part of the customer and LuxSci!

The customer might have to

  1. Download the file
  2. Print out the 19 pages
  3. Sign the agreement
  4. Fax back all pages, or scan it and return electronically

Then, LuxSci might have to

  1. Locate the document
  2. Sort out faxes that are in the wrong order, upside down, blank, or missing pages
  3. Figure out who sent the document
  4. Verify that pages are not missing or changed
  5. Counter-sign the document and attach them to the customer account
  6. Contact customers who have not sent in their documents properly or at all which is crucial to the HIPAA certification process

Multiplied by lots of customers, this creates a lot of unproductive busy work for everyone — and this time costs money.

To simplify this process, LuxSci use its own SecureForm and Ink Signatures technologies to make submission of signed contracts a snap for customers, as well as to eliminate most of the busy work LuxSci itself has to do to manage the process.

In this post, we describe how both technologies work.

Read the rest of this post »

Secure TLS Email for Bank of America Partners

Wednesday, August 28th, 2013

Bank Of America LogoSeveral years back, we discussed Enforcing Email Security with TLS when Communicating with Banks. This is a critical stipulation for many banks that have strict requirements that all email messages be encrypted in transit via TLS when communicating with them.

Bank of America

Bank of America (BoA) is a case in point.  Their requirements are as follows:

Read the rest of this post »

Everything You Wanted to Know about SSL Certificates

Tuesday, January 8th, 2013

SSL certificates are pervasively used on the Internet for securing all the data sent between servers, devices, clouds, phones, computers, etc.  SSL certificates are intrinsic in the encryption of communications using  “SSL and TLS” (how do these work?  What is the difference?) — you can’t have secure communications without them!

In this article, we answer many common and not-so-common questions about SSL certificates.

Read the rest of this post »

Ultimate Control: Manage Access to Your Services with Custom Firewalls

Saturday, October 13th, 2012

Can I block this one IP that is scanning our accounts?  Can I restrict my account so that people can only access it from our office network, or require that they authenticate to WebMail first (using two-factor authentication)?

LuxSci is constantly asked for fine-grained access controls by customers who are in shared environments (sharing the same servers with many other accounts).  However, blocking access from IP addresses globally at the request of one customer may potentially affect other customers using the same system.

That is, until now. LuxSci customers can now configure their own custom firewalls to allow and deny access as they see fit without affecting other customers sharing the same server(s).

Read the rest of this post »

LUXSCI