WordPress – HIPAA Compliant?
Alicia: Hello everybody, thank you for joining us today, I am Alicia Kay, the Social Media Analyst here at HIPAA Vault, and here we have the CEO, Gil Vidals. So lately we’ve been talking about some of the services that we offer and today I wanted to highlight WordPress, a popular CMS. So what exactly is WordPress, Gil?
Gil: So WordPress, as you said, a popular content management system.
Alicia: Okay, and is WordPress HIPAA compliant already?
Gil: Well, that’s a great question, it can be made to be HIPAA compliant, but I would say, out of the box, it’s not HIPAA compliant.
Alicia: Okay, so we deal a lot with customers that have PHI. So how would we go about making it HIPAA compliant for those customers?
Gil: Well this is a short intro video so I can’t go into all the detail, but I would say, for example, WordPress has the ability for two factor authentication. A lot of people ignore that, and they don’t enable it. You need to enable that feature to make it compatible, or make it HIPAA compliant. Another feature would be to use plug-ins that are secure. Many of our customers when they first come to us use plug-ins that are not secure, and that’s a real concern so you have to pay a lot of attention to the plug-ins.
Alicia: Okay, awesome, that’s great advice, is there anything else that you wanted to add to that?
Gil: Well I’d like to say that if anyone has a site that they want to make sure is HIPAA compliant and they’re using WordPress, give me a call and we can talk about it!
Alicia: Okay, awesome, thank you so much!