Alicia: Hello everybody, thank you for joining us again today, my name is Alicia Kay and here we have Gil Vidals, the CEO of HIPAA Vault, which is an MSSP specializing in HIPAA compliant cloud services. So I know we’ve touched on WordPress a little bit before, but I know you wanted to focus on it, why the focus on WordPress?
Gil: Well, WordPress is very popular. A few years ago about a quarter of all the websites in the United States were built with WordPress, and now they’ve surpassed 30%, so it’s very popular and a lot of the medical websites that have patient information are going to be built on WordPress.
Alicia: Okay, is WordPress HIPAA compliant out of the box or do you have to add to it to make it HIPAA compliant?
Gil: Yeah, you’ve got to do some work to make it HIPAA compliant, and in all fairness, that’s true of pretty much any of the CMS tools, the content management systems like Drupal and Joomla, there are many, but they all require some work.
Alicia: So they’re not expected to be HIPAA compliant?
Gil: Not really no, you have to work at it.
Alicia: And I know you wanted to start a short series on WordPress, what are some of the topics that you wanted to cover?
Gil: Yeah, I’m really interested in developing a series of these videos for WordPress, and one of the topics is going to be certainly the structure of WordPress and how to make sure it’s secure. Another topic is going to be the plugins. Plugins are extremely popular in adding functionality to WordPress, and those have to be secure as well and a lot of times they’re not, and that’s where the hackers can get in. And then a third topic is going to be permissions and access controls.
Alicia: Okay awesome, and if you guys have anything that you want us to cover about WordPress, please let us know and we’ll cover that in a video!