HIPAA Certification vs Compliance – Do You Know the Difference?
All healthcare organizations, health app developers, and associated covered entities are responsible to protect sensitive, medical data. But will a simple software solution or training course be sufficient to make them HIPAA compliant? Certainly, technology plays an important role. But HIPAA compliance depends on much more than the right security tools, or even obtaining a certification. So... Continue reading
How to Save a Life
Sadly, it’s happened: As reported in the New York Times, on September 10 a woman fighting for her life was turned away from the University Hospital, Düsseldorf because hospital servers were infected with ransomware. With vital systems crashing, emergency treatment could not be administered. By the time the woman could receive services – in another hospital,... Continue reading
What 3 Recent Breaches Teach us About Data Security
A quick survey of 3 recent breaches – including one very high profile case – reminds us to be especially vigilant to avoid these all-too-common scenarios with protected health information Breach #1: PHI on paper – even in your personal briefcase – isn’t good protection, and can lead to a breach of PHI The following breach... Continue reading
HIPAA Compliance is an Ongoing Process
Congratulations, you’ve made a wise choice to entrust your sensitive data to a proven, HIPAA compliant hosting specialist like HIPAA Vault! But wait – in terms of overall compliance, what does that really mean? It does mean that the technical infrastructure we employ to host your sensitive data is fully compliant – expertly designed with multiple layers of security to... Continue reading
How to Make Your Website HIPAA Compliant
They say you never know until it hits you. Whoever “they” are, they’ve got a point – especially if the “it” is failing to secure someone’s personal, protected health information (PHI). Once this sensitive data is divulged, the genie is out of the bottle – and the impact can be staggering. Just ask Advocate Health... Continue reading
How FISMA Requirements Can Impact HIPAA Compliance
In the world of compliance requirements, two types of business practices are generally distinguished. The first, known as the “private sector,” are those regulations that apply to the for-profit, commercial industry. These may include HIPAA (for protected health information), SOX (for financial reporting), GLB (pertaining to information sharing), and others. The “public sector,” on the... Continue reading
HIPAA Encryption – Choosing the Right Kind
Everyone familiar with HIPAA agrees that protecting sensitive data like protected health information (PHI) is critical, and most realize that encryption is the technique of choice; however, this seems to be the extent of most people's knowledge.
Kubernetes and Security: 6 Keys for HIPAA Compliance
When it comes to deploying applications and services at scale, the ability to use efficient, containerized pieces of software has clearly changed the game. Containers are highly valued for their portability and ability to run on various environments – including local desktops, virtual and physical servers, test and production environments, and in private or public... Continue reading