Is Gmail HIPAA Compliant?
Still one of the most popular online searches in regard to HIPAA, the answer is clear: as a standalone service, Gmail by itself is not HIPAA compliant, but it can be. Even though Google employs some of the best security measures available, sending electronically protected health information (ePHI) using a regular Gmail account is explicitly prohibited... Continue reading
Hurricanes and HIPAA
The HIPAA Privacy Rule was never intended to hinder life-saving missions, or efforts to ensure public health and safety.
Physical Safeguards for HIPAA, Part 2: Workstation Use
In part 1 of this series, we learned that a laptop containing sensitive, protected health information (PHI) was stolen from the car of a West Virginia Health System employee. To make matters worse, the hard drive containing PHI was unencrypted, leaving the data open to access by unauthorized users. While unfortunate, the occurrence does serve to highlight... Continue reading
Physical Safeguards for HIPAA, Part 1: Facility Access
A recent, potential breach of protected health information (PHI) – including social security numbers, financial information, and medical data – was reported by a major health system in West Virginia. The cause? A stolen laptop, taken from an employee’s car. Despite equipping the laptop with security tools (including password protection), the health system failed to... Continue reading