Awareness

OMG USB! Physical Media and Protecting PHI

May 25, 2022 Lazarus Alliance 0 Comment

Holistic HIPAA compliance management by Lazarus Alliance

Imagine this scenario: you’ve received some test results from some procedure. Those results are to be moved between institutions because you have doctors in different departments of a healthcare system.

Normally, we’d think that these institutions would electronically transmit these results through some secure channel… but then you see that your doctor has your results, in hand, in a USB key that they plug into their computer.

This, of course, is a considerable risk. HIPAA regulations require that institutions protect PHI in specific ways with straightforward controls, and many threats can undermine physical media.

So, what’s the issue with using USB thumb drives?

What Is the HITECH Act, and How Can I Be Compliant?

Jan 12, 2022 Lazarus Alliance 0 Comment

Secure HIPAA compliance certification by Lazarus Alliance

HIPAA was passed into law in 1996–not exactly the heyday of digital technology. It wasn’t until over a decade later that Congress decided to implement updates to the law to address the rise of digital technology. Their goal? To push providers to update their record-keeping to Electronic Health Record (EHR) systems, secure those systems effectively, and eliminate the loopholes that would prevent adherence to the law.

Thus, the Health Information Technology for Economic and Clinical Health, or HITECH, was born. Here, we’ll discuss some of the changes that HITECH made to HIPAA law and how that informs the compliance obligations of businesses in the healthcare industry.

What is Meaningful Use and How Does it Relate To HIPAA and HITECH?

Nov 3, 2021 Lazarus Alliance 0 Comment

Innovative HIPAA compliance certification by Lazarus Alliance

Healthcare data and privacy have been a priority for lawmakers and IT professionals for decades. Maintaining privacy related to health information, and giving ownership and agency over disclosure to patients, drives current regulations around Personal Health Information (PHI). The most important of these regulations, HIPAA, has undergone various changes and revisions over time to meet modern security demands. One of these changes, the implementation of HITECH and digital record keeping, includes several additional rules on managing digital health records, including the concept of “meaningful use.”

Here, we will discuss what it means when HITECH legal language encourages the meaningful use of health records and how that can impact compliance and security.