Password Management Programs and HIPAA
This question has come up multiple times over the past few weeks, especially with the HeartBleed issue a few weeks ago. Are password management programs HIPAA compliant? Password Management programs like Dashlane, 1Password, LastPass, etc., help with the inconvenience...
HIPAA in the Cloud
This week we have a client who is trying to decide whether they are going to supply mobile phones for their employees vs. having them use their own (Bringing Your Own Device, or BYOD). The question was, “We are using cloud based apps to store PHI, and there wouldn’t...
Heartbleed and HIPAA
On April 7th, the news hit the wire that there is a serious bug in the OpenSSL program – one of the most popular cryptography programs out there. This bug allowed information normally protected by an SSL/TLS license (a type of encryption) to be compromised. The...
Is it a breach, or not?
This week we had an interesting question come in. One of our clients was copied by a general agent in a response to an application for health insurance. This message contained ePHI that wasn’t encrypted. Was it a breach? What does that mean for the agents? Does the...