Resources

Integrating with Your Team: 4 Factors to Remember When Choosing a HIPAA Web Host

When looking for a HIPAA Compliant Host, it is important that you find one that will integrate well with (and essentially be an extension of) your team. The hosting provider will know your objectives clearly and will strive to meet them. In contrast, a non-HIPAA compliant host generally only cares that the network is up... Continue reading

Why HIPPA Compliant Hosting Providers Should Hire a CISSP

Regulatory Compliance | Risk Assessment | Information Assurance | Password Management When providing services to HIPAA clients, guidelines have to be followed and rules put into place; this requires someone that can manage these restrictive measures and become intimately familiar with the processes involved. Professionals who have obtained the CISSP credentials possess this knowledge, with... Continue reading

Vulnerability Scans Should be Required for HIPAA Hosting

Malicious actors want your data, and will actively scan networks in order to discover vulnerabilities. Once they know your network’s weaknesses, they attempt to penetrate the network and gain unauthorized access in order to abuse the system in some way. Abuse may include stealing your data or using the compromised system as part of their... Continue reading

Differences Between PCI DSS Compliance & HIPAA Compliance

HIPAA and PCI DSS are both frameworks for complying with legal guidelines that ensure the underlying data is protected appropriately. So what are the differences? Whereas HIPAA is focused on protecting Protected Health Information (PHI) or Electronic Health Records (EHR), PCI-DSS is centered around an individual’s credit card data. HIPAA is the Health Insurance Portability... Continue reading

When Should You Encrypt PHI Data for HIPAA Compliance?

It's pretty easy to understand that the confidential data must be protected because it is confidential information. However, the question remains of 'where' and 'when' should the data be protected.

Protected Health Information – What, When, Where, Why

Protected Health Information must be encrypted according to HIPAA $164.312 Technical safeguards. At first glance this seems obvious even to a casual observer. PHI data must be encrypted because it contains the private health records of a patient, and this private information must be carefully safeguarded. It’s easy to understand that the confidential data must... Continue reading

12 Key Terms in a HIPAA Business Associate Agreement (BAA)

Last week I introduced the essentials of the Business Associate Agreement (BAA) and why it is important. Today I'm focusing on the specifics of what a BAA includes and which terms need to be included in any good BAA. The BAA delineates the responsibilities of the parties signing the document ensuring each party knows their responsibilities and roles in protecting the electronic health records.

What is a BAA and Why is it Required to be HIPAA Compliant?

For those that are hosting Protected Health Information (PHI) and are searching for a HIPAA compliant web host, one of the key components is the Business Associate Agreement or BAA. A BAA is an agreement between two parties where at least one of the two parties is handling PHI or Electronic Health Records (EHR).

The Importance of True HIPAA Compliance

HIPAA compliance is not optional when it comes to hosting private medical files. It is a requirement that can result in a fine and other penalties if violated, even accidentally. Many hosts claim to offer HIPAA compliant hosting, but in fact, may be missing certain features that could result in a breach of data security and/or a violation of HIPAA compliance.

HIPAA Fundamentals

HIPAA is the legislature that was proposed by Senators Kennedy and Kassebaum and signed into law by President Clinton in 1996. Title II, a standard of electronic health care transactions This section defines a national standard by which companies that are transacting in Protected Health Information must follow. Protected Health Information or PHI What is... Continue reading