Resources - Page 63

Server Hardening for HIPAA Systems

When compromising a HIPAA server, more often than not, the fundamental shortcoming (“exploit”) of the software that has allowed a user to gain unauthorized access is not inherent to the software being used, but is often a weakness caused by improper configuration or lack of patch application. The process of disabling the system services that... Continue reading

Multi-factor Authentication, Code Spaces, and the Amazon Attack

Most people are familiar with the idea of passwords, and the importance of using strong ones. However, what many don’t know is that there’s no such thing as an uncrackable password. With proper resources and time, an attacker can crack any password by means of brute force (trying every permutation in a given table). With... Continue reading

Apple’s HealthKit App may Require HIPAA Compliance

At the Apple Worldwide Developers Conference in 2014, Apple unveiled Health, an iOS8 application designed to create a data collection point for third-party accessories. In theory, Health centralizes health data collected by a user in order to interface with wearable technology. In addition to Health itself, Apple also unveiled HealthKit, the developer application programming interface... Continue reading

5 HIPAA Compliance Tips for Healthcare Startups

Maybe more so than any other industry, starting a business in the healthcare field is fraught with pitfalls that could put a serious obstacle in a healthcare company’s path. Handling and manipulating patient information in ways that can help physicians and other healthcare professionals more easily provide care is often the function of new healthcare... Continue reading

Best Web Server for HIPAA Compliant Hosting

Of all the things that make up a website, the most basic and low-level is the webserver. This is the application that serves the hypertext markup language (otherwise known as HTML) content to the user and makes a document that lives on a server somewhere viewable by a user with a web browser. Hypertext Transfer... Continue reading

$800,000 fine for violating HIPAA regulations

In September 2008, employees of Parkview Health System Inc. returned some files to a retiring physician. Allegedly, Parkview Health System initially took custody of these documents in order to facilitate these patients' transfer to new providers. The employees brought these boxes of documentation to her residence and, after realizing she was not home, left the boxes on the driveway. This was an innocent mistake on the part of these employees; this ignorance of HIPAA laws and careless handling of protected health information (PHI) led to a notable violation of HIPAA regulations. This incident resulted in Parkview Health System, Inc. having to pay a sizable 'Resolution Amount'.