fbpx

Do You Know the Difference

11May 2019
By HIPAA Vault

Should I obtain either or both statuses?

These are common questions that should be addressed when dealing with the protection of medical data and patient records within a HIPAA Compliant hosting environment. First, the differences:

  • HIPAA Compliance refers to following the proper rules in accordance with requirements and regulations set forth by policies or guidelines.
  • HIPAA Certification is the process to obtain or be awarded a document or designation to attest a person has completed an educational course.

These statuses cannot be used interchangeably; they each have their own separate purposes. For example,…

Read more

How We Envision Multi-Cloud

11May 2019
By HIPAA Vault

The clouds are gathering, so to speak. Multi-cloud technology is no longer on the horizon – it’s here.

Traditionally, healthcare organizations have been slow to embrace the benefits of the cloud, rightfully focusing on the need for essential data security. An MSSP like HIPAA Vault helps alleviate those concerns, by providing a 24/7, managed cloud environment, able to weather the storms of targeted, malicious attacks.

But the possibility of having workloads locked into “the wrong cloud provider” has always been troubling -…

Read more

Why your forms must be HIPAA Compliant

18Apr 2019
By HIPAA Vault

Anyone who handles medical information has probably heard the horror stories about what happens when protected data falls into the wrong hands.

There is, for instance, the $16 million settlement that health insurance giant Anthem is paying in response to the largest U.S. health data breach in history.

In that case, hackers sent spear phishing emails to an Anthem subsidiary, where at least one employee responded to a fraudulent email and opened Pandora’s box for continued attacks. An investigation later found that the data breachRead more

Are Windows Server Platforms HIPAA Compliant

13Apr 2019
By HIPAA Vault

Are Windows Server Platforms HIPAA Compliant?

Mission critical servers are valued for their longevity, and Windows is no exception. As a closed-source technology, Windows Server platforms typically have a long life-cycle, in part, because the training and manuals for the tools are proprietary, just like the software.

But similar to the Windows desktop distributions (XP, Vista, 7, 8,8.1, & 10), the Windows Server architectures can be problematic for HIPAA compliance. Yet with diligent care, a computer running Windows Server can comply with all aspects of HIPAA, and become an acceptable server on which protected health information (PHI)…

Read more

Charity and Security Begin at Home

13Apr 2019
By HIPAA Vault

It’s a debated idea in our national discourse lately, and believe it or not, there’s a parallel to cybersecurity. The charity debate (as we’ll call it) comes as a question of priorities; should we only look after ourselves and our own, and let it end there?

With no political agenda here, we can say that If one truly understands charity toward fellow man – especially in its supreme expression in the “Golden Rule” – the answer would clearly be “no.”…

Read more

Why Establish a Security Culture

13Apr 2019
By HIPAA Vault

Five “Security Culture” Markers:

    • Cybersecurity is a top-down, strategic part of the company’s vision
      Security is linked to business goals and relevant to board-level decisions
    • You’ve determined a “data blueprint” of how data is used
      Your team understands the context in which the data is created and used, and how it is subject to regulation.
    • Annual risk assessments are being conducted
      All risk areas, including staff, practices, and technology, are evaluated regularly.
    • Security skills and governance tools are becoming integrated into daily activities
      You’re enabling the latest protocols and encryption ciphers for data protection, using…
Read more

Why Healthcare Has a Cyberattack Target On It…

14Mar 2019
By HIPAA Vault

We’ve all heard by now that healthcare is seriously lagging in cybersecurity effectiveness. According to a recent study, healthcare ranked 15th out of 18 major U.S. industries in terms of overall cyber health. Another study indicates that in the past seven years, 2,149 breaches have occurred, amounting to 176.4 million patient records disclosed.

If you’re a member of the healthcare industry, or even just a consumer of it (aren’t we all?), these statistics should prompt you to sit up and ask, “Why does healthcare seem to have a target on its back?”…

Read more

Mobile Device Management & HIPAA

26Feb 2019
By HIPAA Vault

Back in 2014, Catholic Health Care Services (CHCS) of the Archdiocese of Philadelphia was serving as an active business associate to six skilled nursing facilities, providing information technology services.

Unfortunately, one of their iPhones containing the unencrypted, protected health information of 412 nursing home patients – including their social security numbers, diagnosis and treatment information, and the names of family members and legal guardians – was stolen.

The resulting breach led to a $650,000 HIPAA fine.

At present, 90 percent of healthcare organizations use or plan to use mobile devices

The incident with CHCS should raise our security caution level, for the…

Read more

Our certifications