Is it Safer Online? Coronavirus, Cybersecurity, and HIPAA
By Stephen Trout, , HIPAA Blog

As schools, businesses, healthcare organizations, and individuals everywhere seek to adjust to the COVID-19 pandemic with safer ways of operating, many are opting to work from home or transition their business services to online portals. This move to do more than social distancing to “flatten the curve” is certainly warranted – especially for those health providers who serve higher risk populations. (For an excellent summary of how healthcare is being impacted, see this short video, Why Fighting the Coronavirus Depends on You.)

The business reasons for this, of course, are also clear: try to stay afloat (continue to serve your employees, customers, and communities) by adopting increasingly digital alternatives. Particularly for those healthcare companies poised to add or augment their online services, secure, compliant solutions must be embraced. 

This means that HIPAA compliant websites and hosting will be needed for those handling electronically protected health information (ePHI), and secure solutions such as encrypted email and file-sharing can also help keep you (and your customer’s data) safe from unintended disclosures. For guidance on any of these issues, HIPAA Vault can help.   

Capitalizing on Fear

With HIPAA compliance will come the need for additional cybersecurity and scanning for networks, databases, and devices. This is both timely and critical, as malicious actors are already hard at work to exploit COVID-19. By playing on people’s fears for their own illicit profit, these cybercriminals use phishing scams that seek to penetrate networks, disable systems, and hold data for ransom. (To date, thousands of coronavirus-related domains have sprung up since January of 2020, with hundreds of these sites now identified as suspicious).

This scenario of dodging a pandemic virus only to get a malicious, “virtual one” may also have far-reaching consequences, especially if companies simply react without taking the steps to properly secure their domains and networks. Proactive security education and staff training to help employees get up to speed with new workplace security protocols – not unlike a healthy reminder for practicing good hygiene – will also be critical. 

As we continue to be vigilant and compassionate in the new ways we conduct business, these issues of cyber-safety must be addressed. This is one more way we care for people, as we seek to thwart those that would do harm for selfish gain. Protecting sensitive networks and data and maintaining compliance with HIPAA go hand-in-hand with striving for this goal. 

(Note: Be aware that coronavirus phishing scams will typically carry “COVID-19 News,” or “Important Update” in the subject line, and ask you to click on an attachment or hyperlink. As mentioned, hackers will continue to use these and other “social engineering” techniques to get a foothold in your system.)          

HIPAA Vault is a leading provider of HIPAA compliant solutions, enabling healthcare providers, business organizations, and government agencies to secure their protected health information from data breaches, threats, and security vulnerabilities. Customers trust HIPAA Vault to mitigate risk, actively monitor and protect their infrastructure, and ensure that systems stay online at all times. In addition, HIPAA Vault provides secure email and file sharing solutions to improve patient communications, and participates in SBA 8(a), HUBZone, GSA, and DBE programs. For more information, please visit our website at