As I’ve preached before, if you are going to store PHI on a mobile device (laptop, external hard drive, etc), you better make sure that you encrypt the hard drive. Typically, I am less concerned about desktop PC’s and servers as, you should have proper physical security systems in place. The recent Sutter Medical Foundation [...]
{ 0 comments }
Continue ReadingTake a look at a list of PHI breaches and there are a few items that stand out: Many are at the hands of a contractor Most are portable storage device losses or theft (this includes tapes, laptops, etc) Lots are at big government entities One of the goals of HIPAA regulations is to give [...]
{ 0 comments }
Continue ReadingLaptop. Lost? Stolen? Does it matter? No. Hurley Medical Center in Flint Michigan can’t find a laptop that had upwards of 2,000 patients on it. “The medical center has a policy that laptops must be password protected and have a tracking device…” Quick reminder – password protection doesn’t mean squat. You must encrypt! I am [...]
{ 0 comments }
Continue ReadingYou certainly don’t want your practice name to precede that headline in your local news paper. __________Kept Clients in Dark No two ways about it that is BAD. Yet we have major players screwing up seemingly straight forward issues. Sony with the (repeated) PSP hacks Weinergate – need I say more? Now we have Citibank [...]
{ 0 comments }
Continue ReadingThere is a common (wrong) belief out there that when something is password protected, it is therefore encrypted. This is totally wrong. The recent “loss” of a laptop by BP that contained the personal data of 13,000 people brought this misconception back to light. Briefly: this lost BP laptop was password protected, but not encrypted. [...]
{ 0 comments }
Continue Reading
RAC News