HIPAA Security Rules
The healthcare industry is a top target for hackers. Why? Electronic Patient Health Information (ePHI) is highly-sought after because this data is more valuable than credit card information. When ePHI is stolen by cyber criminals, it can be sold and used by individuals to gain access to prescription medication, receive medical care, and access financial data.
Simply, the HIPAA Security Rules state that covered entities and their business associates must:
- Protect ePHI
- Plan and establish policies to address security incidents
- Respond to and report an incident
- Establish back-up and business continuity procedures to protect ePHI
Test your HIPAA compliance and security readiness!
- Have you conducted an annual Security Risk Assessment?
- Do you have policies and procedures in place to address breaches?
- Do you have a process for investigating and tracking incidents?
- Have you identified all of your vendors as Business Associates?
- Have your employees gone through HIPAA Security Awareness Assessment?
If you answered “no” to any of these questions, you may be in violation of HIPAA rules and vulnerable to a cyber attack.
Attorney and HIPAA Expert, Paul Hale, J.D., states, “Healthcare organizations are particularly vulnerable because patient data is the gold standard for criminals selling private data on the black market. While the cybercrime crisis can seem insurmountable, there are steps you can take. Guidance on how to maximize your defenses includes: ensuring your vendors, web-hosts, and business associates are HIPAA compliant, updating your software – always installing the recommended patches; maintaining a quality anti-virus and malware program on all of your devices; and backing up your data. In the workplace, security workforce training is essential.”
Safeguard your network and data.
Assess your risk with the HIPAA E-Tool®.
Learn more about our HIPAA legal expert and partner, Paul Hales, J.D., and the HIPAA E-Tool® which will explain the rules and how to comply in plain language.
For more information, guidance and step-by-step instructions to create a robust Risk Analysis and Risk Management Plan, complete the form below: