Posts Tagged ‘s/mime’
Tuesday, February 22nd, 2022
In this article, we discuss what types of email encryption are sufficient to comply with government regulations. TLS encryption is a good option for many organizations dealing with sensitive data and legal requirements. However, TLS does not protect data at rest. Each organization must undertake their own risk assessment to determine which encryption methods are suitable to fulfill legal requirements.
Read the rest of this post »
Tags: California Senate Bill 1386, email encryption, encryption at rest, ePHI, Federal Rules for Civil Procedure, finra, frcp, glba, Gramm-Leach-Bliley Act, hipaa, nasd 3010, nist, pci dss, pgp, s/mime, Sarbanes-Oxley Act, sb 1386, sec 17a-4, smtp, tls
Posted in LuxSci Library: HIPAA, LuxSci Library: Security and Privacy
No comments »
Tuesday, February 15th, 2022
Email encryption is an addressable standard for HIPAA compliance, but that doesn’t mean it’s optional. When sending sensitive data via email, it should be protected with encryption. However, there are many ways to send a secure email message and HIPAA does not require the use of a specific method.
The two most common email encryption methods include SMTP TLS and Secure Portal Pick Up. This article will discuss the differences between them and provide guidance for what to use in a HIPAA compliance context.
Read the rest of this post »
Tags: email encryption, escrow, hipaa, hipaa compliance, s/mime, smtp tls, ssl, tls
Posted in LuxSci Library: HIPAA, LuxSci Library: Security and Privacy
No comments »
Tuesday, October 26th, 2021
Creating a website with “secure” components requires more than slapping together some web pages and adding an SSL Certificate. All a certificate does is create a thin veneer of security. It does not go very far to protect whatever sensitive data necessitated security in the first place. Naive attempts at security can ultimately make the data less secure and more likely to be compromised by creating an appetizing target for the unscrupulous.
So, what do you do beyond paying big bucks to hire a developer with significant security expertise? Start with this article. Its purpose is to shed light on many of the most significant factors in creating secure websites and forms and what you can do to address them. At a minimum, reading this article will help you intelligently discuss your website security with the developers you ultimately hire.
Read the rest of this post »
Tags: cross site scripting, eavesdropping, https, man-in-the-middle, pgp, phishing, s/mime, secureform, ssl, ssl certificate, trust, web site security
Posted in AAA Featured Articles, LuxSci Library: Security and Privacy, LuxSci Library: Web Design and Programming, Popular Posts, Secure Form
No comments »
Tuesday, March 23rd, 2021
It is not easy to create a HIPAA-compliant web site and webmasters often ask us for clarification on best practices when it comes to HIPAA compliance.
We have previously discussed what makes a web page secure and also what makes a web site HIPAA-compliant, but it seems that an explainer on what you should and should not do with web sites in shared and dedicated environments would be useful to many.
Read the rest of this post »
Tags: dedicated server, ePHI, hipaa, hipaa compliance, pgp, s/mime, shared server, unauthorized access, web site
Posted in Business Solutions, Dedicated & Cloud Servers, LuxSci Library: HIPAA, LuxSci Library: Security and Privacy
No comments »
Tuesday, March 2nd, 2021
Telehealth is the new standard thanks to the Covid-19 pandemic. Many medical providers are finding that telehealth is a safer option during the pandemic, and it can also help increase patient access to healthcare and improve outcomes. Along with video appointments, the virtual medicine push includes making protected health information available to patients via a website and collecting similar private information from patients or would-be patients online.
However, where the health information of an identifiable individual is involved, the Health Insurance Portability and Accountability Act (HIPAA) is the official compliance document. The Omnibus rule requires all websites, old and new, to be appropriately designed, or their owners can face potential financial liability into the millions of dollars.
So, what do these requirements mean, and how can HIPAA be followed in the context of a website?
Read the rest of this post »
Tags: backup, disposal, electronic prescription, encrypted, escrow, form, Health Insurance Portability and Accountability Act, hipaa, hipaa-secure, patient, pgp, privacy agreement, protected health information, s/mime, secure ftp, secureline, ssl, web form, web site
Posted in Business Solutions, LuxSci Library: HIPAA, Popular Posts, Secure Form
2 Comments »
