HIPAA

Recommended configuration guidelines

Posted by Thomas Davon on

The HIPAA Security regulations for systems certification and accreditation require the following hardware:

Routers: These are the first layer of a multiple-layer defense against any unauthorized access from outside the internal network. A router provides security by allowing or denying traffic to or from a source or destination IP address and port, as found in the layer 3 IP header.

Firewalls: These are the second layer of a multiple-layer defense against unauthorized access from outside the internal network. A firewall provides “packet-level” security and inspection and can also allow or deny traffic through specific...



The Breach Notification Rule: What to Do If You Have a Breach

Posted by Thomas Davon on

Sometimes health care providers may unknowingly or deliberately use or disclose Protected Health Information (PHI) without a patient’s permission. This is considered a violation of the Health Insurance Portability and Accountability Act (HIPAA) Security and Privacy Rules. In such cases there are procedures to be followed in notifying the relevant authorities. According to HIPAA, a breach is an impermissible use or disclosure of PHI under the Privacy Rule that compromises the security or privacy of the PHI. A Covered Entity (CE) or Business Associate (BA) may use or disclose a patient’s PHI...



How to Get Started on Security

Posted by Thomas Davon on

Information security is very important. It is essential that everyone, not just health care providers, take the protection of personal information seriously. Information can be used by anyone against another individual and against the public at large. If information that is not meant for public knowledge gets out, the result could be quite devastating. This is why the Health Insurance Portability and Accountability Act (HIPAA) and its privacy and security rules, as well as other security laws, emphasize the need for health care providers to put measures in place that will allow...



Email and Texting

Posted by Thomas Davon on

This is a digital age, and people no longer find it easy to attend one-on-one appointments just to get certain information from their physicians. A health care provider now has several ways to send information to a patient. Because of the times we live in, patients increasingly demand to be contacted via electronic channels such as email and texting. If that is the channel a patient chooses to be reached through, then as a health care provider it is your responsibility to comply. However, the Health Insurance Portability and Accountability Act (HIPAA), under its Security...



Cybersecurity

Posted by Thomas Davon on

It is not a very safe practice to use paper records to maintain Protected Health Information (PHI). This is why the Electronic Health Record (EHR) is currently recommended and used by health care providers to collect patients’ PHI as electronic Protected Health Information (ePHI). Because the EHR relies on the Internet, it is not completely safe. ePHI requires an Internet connection in order to conduct any online activity that can be part of the EHR and the use of ePHI. Several health care online practices...
