Website security used to be simple – configure a few settings and call it a day.
That’s not enough to secure your company’s online presence today. First, reducing website security to a single technology oversimplifies the security threats you face. Second, you also need to give thought to the full range of security risks you face.
Read the rest of this post »
Book 2 in the LuxSci Internet Security Series.
Created by Erik Kangas, PhD
This LuxSci eBook is your well-researched guide to both a critical understanding of the specific issues and concepts of HIPAA as it applies to web sites, so that you stay compliant with these government standards. This document will provide a framework for your health care organization to keep the privacy of patient information front and center while still having an engaging web presence. Providers will have the necessary tools to meet all requirements established by HIPAA for access to, storage of, and transmission of protected health information (PHI) through web sites.
This eBook includes sections on:
You buy a HIPAA compliant web hosting infrastructure. You configure your web site to send out email messages in the simplest way, e.g. through PHP mail, or some other generic and standard mechanism. You think you are all set — but you are not.
HIPAA compliant web hosting services provide a server infrastructure that allows you to be compliant; however, it doesn’t make you compliant. Your web designers must make choices and program your site so that it properly respects ePHI. If they do not do all the appropriate things, you will be out of compliance. E.g. see: 7 steps to make your web site HIPAA-secure.
In particular, email messages sent in the “normal way” from a web site will go out insecurely in a way that will violate the HIPAA Security Rule if they contain ePHI of any kind. E.g. they will not be encrypted and will not be archived.
Read the rest of this post »
WordPress is an extremely popular content management system for both blogging and creating web sites. It’s popular because it is quick to set up, easy to administer, has a very large supported base of add-ons, and looks good. As a result, many LuxSci customers use WordPress in one fashion or another for their web sites hosted at LuxSci.
As we cater to a large segment of customers who have specific compliance needs, e.g. HIPAA compliance, we frequently are asked about using WordPress with ePHI … e.g. using WordPress to provide access to protected health information for members of the WordPress site.
Can this be compliant? Is it a good idea?
Read the rest of this post »
Many LuxSci web hosting customers use WordPress. The following video, first in our new series of tutorial videos, walks you though how to install and configure WordPress for standard use on LuxSci. In the future we will also have additional WordPress videos for advanced topics such as site migrations and SSL-only blogs.
