Does anyone know the #1 reason for a PHI data breach? That’s right, a lost or stolen storage device that is not encrypted. Follow on question: what is the only Safe Harbor for a lost or stolen storage device? Encryption! So, the worst offender is an un-encrypted storage device, yet one of the easiest things [...]
{ 0 comments }
Continue ReadingIt is not unusual for me to rant here about the ridiculous level of recklessness the medical community has for our PHI. Specifically, the easiest thing to point out, as it happens all the time, is the “theft” (or loss) of a portable storage device. For those keeping score, a portable storage device is anything [...]
{ 0 comments }
Continue ReadingAs I’ve preached before, if you are going to store PHI on a mobile device (laptop, external hard drive, etc), you better make sure that you encrypt the hard drive. Typically, I am less concerned about desktop PC’s and servers as, you should have proper physical security systems in place. The recent Sutter Medical Foundation [...]
{ 0 comments }
Continue ReadingTake a look at a list of PHI breaches and there are a few items that stand out: Many are at the hands of a contractor Most are portable storage device losses or theft (this includes tapes, laptops, etc) Lots are at big government entities One of the goals of HIPAA regulations is to give [...]
{ 0 comments }
Continue ReadingLaptop. Lost? Stolen? Does it matter? No. Hurley Medical Center in Flint Michigan can’t find a laptop that had upwards of 2,000 patients on it. “The medical center has a policy that laptops must be password protected and have a tracking device…” Quick reminder – password protection doesn’t mean squat. You must encrypt! I am [...]
{ 0 comments }
Continue Reading
RAC News