Smart Buyer
  • Shop On NeweggBusiness
  • Categories
    • Buying Guides
    • Components
    • DIY and How-to
    • Industry Trends
    • NetSec
    • Networking
    • Storage
    • Systems – PC & Laptop
    • Windows
  • About
  • Why NeweggBusiness?
  • Contact Us
Top Posts
PC Cooling: How to Set up Computer Case...
5 Ways to Stream from PC to TV...
How to Choose the Correct RAM Upgrade
How to Troubleshoot a PC Power Supply
Four Apps that Make Your Tablet a Second...
2019 Solid State Drive (SSD) Buying Guide
6 Reasons Your PC is Slow and How...
How-to Guide: Small Office Network Setup
Born in the USA: Computer Hardware Made in...
Computer Monitor Buying Guide 2019

Smart Buyer

  • Shop On NeweggBusiness
  • Categories
    • Buying Guides
    • Components
    • DIY and How-to
    • Industry Trends
    • NetSec
    • Networking
    • Storage
    • Systems – PC & Laptop
    • Windows
  • About
  • Why NeweggBusiness?
  • Contact Us
Healthcare

10 Technology Tips to Avoid HIPAA Violations

by Adam Lovinus August 19, 2015
by Adam Lovinus August 19, 2015 2 comments 10020 views

HIPAA presents an amazing amount of challenges and problems for any entity falling under its umbrella. Now that more states are expanding the definition of a covered entity and/or business associate, it’s time to get serious about locking down your HIPAA data and looking for new ways to increase the security of your environment. Fortunately, technology gives us a helping hand with many of these hurdles and simple, often inexpensive solutions can dramatically improve your compliance efforts and help you avoid HIPAA violations. To that end, here are 10 technology tips that small medical practices—and larger ones too—should be implementing.

1. Mobile Device Management – The vast majority of e-mail providers and even some routers give you tools to control the mobile devices your employees use to access email. Use these tools to require passwords, automatic lockouts, and even remote wipes of company data from lost devices.

2. Security Risk Analysis Toolkit – HIPAA requires all covered entities to perform ongoing security risk analyses as part of their statutory compliance efforts. The Department of Health and Human Services released a free Security Risk Analysis Tool that dramatically simplifies this requirement. This tool is easy to use and gives you the ability to do company-wide analyses or narrow ones, such as changes in your IT infrastructure or a new product rollout.

3. E-mail Encryption – If you are not encrypting e-mails that contain PHI, you should. Encryption services are cheap and provide a secure method for you to send and transmit PHI. Services like Zixcorp make encryption easy to use and implement.

4. Secure Cloud Storage – If you use Dropbox or a service like it, you need to either encrypt the files before uploading them or use a service like Sookasa that will automate your encryption. In one of its most recent settlements, a company called SEMC got into big trouble for using an unencrypted and unsecured cloud site to store and exchange documents. Part of their problem was a failure to conduct a security risk assessment on the their digital document storage and handling.

5. Online HIPAA Management – HIPAA compliance programs are tough to manage, keep up-to-date, and track; use a service like HIPAA Trek. Services like this allow you to consolidate your HIPAA efforts into a single online portal, provide training, and produce easy reports for those pesky OCR auditors.

6. Data Encryption – If you use an Apple, activate FileVault. If you use a PC, there are a wealth of encryption programs out there. The bottom line is that you should never have a computer with PHI in an unencrypted state.

7. Automatic Logoff – Every single computer in your company should be set to automatically logoff after a short period of inactivity and computers in high non-employee traffic areas should require access cards, key fobs, or other devices that require physical token to log in.

8. Network Assessments – If you have never had a network assessment, find a local provider and get one performed. They are usually inexpensive, take a couple weeks, and will reveal a wealth of data and information about your network, devices, sysadmin health, patches, users, data flow, etc. These assessments are a vital part of any HIPAA compliance effort and should be done annually.

9. Encrypted Chat and Messaging – If you use text messages to communicate to clients or to other providers about clients, it needs to be secure and encrypted. Regular text is often stored on cell phone company servers for years and is rarely encrypted. There are a variety of providers out there based upon your needs; research and find the right one for you.

10. Remote Desktops and Virtual Computers – The technology and speed behind resources such as Microsoft Remote Desktop, Citrix, and VMWare makes the storage of real data (PHI) on computers obsolete and frankly unnecessarily risky. These programs allow you to work from anywhere, on any machine with nothing stored locally and every piece of data resting securely on the servers.

The key to any successful HIPAA compliance effort is prior planning and documentation. Any change to your HIPAA environment should be analyzed and reviewed before implementation, but the above tips should provide you with some easy technological steps to improving compliance.

Related content:

  • Most HIPAA Violations Stem from Network Server Breaches
  • Essential Hardware for HIPAA compliance
  • Barcode Scanner Deployment in a Healthcare Setting

Avoiding HIPAA Violations: 10 Simple Technology Tips is authored by Hudson Harris, a HIPAA attorney and privacy expert—read more about the intersection of HIPAA and technology at his blog, Legal Levity.

Adam Lovinus

Adam Lovinus

A tech writer and Raspberry Pi enthusiast from Orange County, California.

More Posts - Website - Twitter - LinkedIn - Google Plus

Summary
Avoid HIPAA Violations with 10 Simple Technology Tips
Article Name
Avoid HIPAA Violations with 10 Simple Technology Tips
Description
Learn ten inexpensive solutions that can dramatically improve compliance efforts and help small medical practices--and larger ones--avoid HIPAA violations.
Author
Hudson Harris
hard drives
2 comments
0
FacebookTwitterGoogle +PinterestEmail
Adam Lovinus
Adam Lovinus

A tech writer and Raspberry Pi enthusiast from Orange County, California.

previous post
DIY NAS: Build a Backup Solution for Under $700
next post
Five Tech Tips to Help You Reduce Paper Waste

Related Posts

What Does Connected Healthcare Look Like?

September 22, 2020

CARES Act Funding Puts Technology to Work

August 20, 2020

What Does Medical Grade Mean for a Computer...

January 30, 2018

Most Wellness Programs Fail; How to Make Yours...

October 11, 2016

For Healthcare Technology Compliance, Don’t Overthink the Hardware

April 25, 2016

4 Questions Healthcare Practices Need to Ask Cloud...

October 29, 2015

Most HIPAA Violations Stem from Network Server Breaches

July 20, 2015

Essential Hardware for HIPAA Compliance in 2015

March 24, 2015

Look for Smartphones to Become a Primary mHealth...

December 19, 2014

Navigating Barcode Scanner Deployment in a Healthcare Setting

October 20, 2014

2 comments

10 Technology Tips to Avoid HIPAA Violations – Guest Author at Newegg Business – Legal Levity August 21, 2015 - 12:18 pm

[…] This week I wrote a guest article for Newegg’s Business blog, Hardboiled. I walked through my 10 Technology Tips on How to Avoid HIPAA Violations. […]

Reply
4 Questions Healthcare Practices Need to Ask Cloud Providers - HardBoiled October 29, 2015 - 9:05 am

[…] 10 Technology Tips to Avoid HIPAA Violations […]

Reply

What's your take? Cancel reply

Subscribe

  • 1

    PC Cooling: How to Set up Computer Case Fans

    February 11, 2021
  • 2

    5 Ways to Stream from PC to TV or Digital Display

    May 23, 2016
  • 3

    How to Choose the Correct RAM Upgrade

    April 28, 2015
  • 4

    How to Troubleshoot a PC Power Supply

    July 11, 2018
  • 5

    Four Apps that Make Your Tablet a Second Monitor

    January 9, 2018
  • 6

    2019 Solid State Drive (SSD) Buying Guide

    December 6, 2018
  • 7

    6 Reasons Your PC is Slow and How to Fix It

    February 28, 2019
  • 8

    How-to Guide: Small Office Network Setup

    December 20, 2018
  • 9

    Born in the USA: Computer Hardware Made in America

    September 27, 2018
  • 10

    Computer Monitor Buying Guide 2019

    January 4, 2019

Newegg + Business

How is this different from Newegg.com?

Why NeweggBusiness?
  • Facebook
  • Twitter
  • Linkedin
  • Email