Recent Posts
Posts Are Coming Soon
Stay tuned...
Featured Posts

Electronic Patient Health Information, and it’s risk with Technology

The risk of an unauthorized disclosure of ePHI from a personal mobile device is significant, and yet many organizations have failed to secure their environments. They have instituted a BYOD (Bring Your Own Device) policy due to ease of use. This can all too easily lead to unauthorized disclosures of ePHI, in particular in the following scenarios:

  • The mobile device is lost or stolen, allowing an unauthorized third party to access ePHI

  • The mobile device is left unoccupied

  • The Mobile device gets accessed by an unauthorized user

  • Transferring or placing information on a mobile device or flash drive that is not encrypted

  • The mobile device is traded in without first securely and permanently wiping the data.

Whether ePHI is stored on a desktop computer that only has access to an internet connection or on a personal mobile device, the HIPAA Security Rule guidelines must be implemented whenever ePHI is in transit or at rest/saved.

The HIPAA Security Rule also covers how ePHI can be accessed, and by whom, with the administrative, physical and technical safeguards designed to avoid gaps that can lead to cyber-attacks. or an inadvertent loss of data (mobile device theft etc.).

The HIPAA Security Rule ensures protection of patients and their ePHI, as well as healthcare facilities and health insurance providers.

Follow Us
Search By Tags
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square
  • Facebook Social Icon
  • Twitter Social Icon
  • LinkedIn Social Icon