HIPAA, Security, and the Mobile Device

With the inclusion of Biometrics to the IPHONE 5, as seen in this article, http://secureidnews.com/news-item/analysis-biometrics-and-the-iphone/, there are many pros and cons that will affect how to be hipaa compliant.

Awesome that you can use your own identification to open you mobile device but it also comes with organizations and individuals who think this is not such a great thing.

For many years putting sensitive information on your mobile device was a no no, it can be stolen and access easily gained.  That is evident in the rules the Government puts forward like the Health Information Portability and Accountability Act, HIPAA.  A HIPAA Risk assessment requires you to encrypt and safeguard data at rest and in motion, and focus a lot on mobile devices.  So you would think this type of encryption and access would be welcome, well it is in and it isn’t.

Read More

What to Expect When the HIPAA Auditors Arrive?

You think it’s an average, ordinary day and sit back as you go through the mail.  You pull an envelope out of the pile, read the return address and suddenly sit up straight.  You already know the contents of what is inside and your heart rate increases as you carefully slit open the top.  Despite telling yourself you could be wrong as you remove the letter, you discover  you are not.  It is the dreaded OCR audit notification letter.  Cue the panic.

When this letter arrives, there’s no need to hear the theme from “Jaws” in you head.  If you ensure you have made a good faith effort to comply with the HIPAA / HITECH requirements based on the final Omnibus rule, and have documented this as policy mandates, you can breath easier, and when the audit occurs you will not feel as if you are in shark infested waters.

Read More