Healthcare organizations can use these 5 strategies to secure electronic protected health information (ePHI). 

Implementing a strong HIPAA Compliance framework is a requirement for all Covered Entities and Business Associates, but many practices don't realize this is also their best strategy to prevent a breach from happening!   My hope is that understanding what the OCR will ask you for after a Data Breach will help you implement an IT security framework that will reduce your chances of ever experiencing a data breach.  

Encryption Could Have Prevented Centene's Data Breach of 950,000 Patient Records

Encrypted Devices with PHI can be lost or stolen and it is not considered a Data Breach.  Encryption is like a Get Out of Jail Free Card!  Health Insurance credentials sell for $20 each on the black market, but when supplemented with personally identifiable information (PII) such as birth date, place of birth, social security number, it can yield over $1000 per record.  These are scary times, and Centene, a St. louis based health insurer is the latest victim of a data breach that will make your head spin.  The worst part is that it could have been easily prevented with one simple and inexpensive security measure.

Implementing a strong HIPAA Compliance framework is your best plan to prevent a breach. Understanding what the OCR will ask you for in the event of a Data Breach, and preparing all of this documentation ahead of time will give you a very good head start on HIPAA Compliance and may just prevent you from experiencing a breach.

The HIPAA Privacy Rule allows covered entities and health plans to disclose protected health information (PHI) to business associates, but only if the business associate signs a Business Associate Agreement in which it assures that it will appropriately safeguard the PHI it receives or creates on behalf of the covered entity.  So, which of your vendors need to sign a B.A. Agreement?  Here is a helpful list of vendors that need to sign your Business Associates Agreement.  You may be surprised!

Hackers are getting more sophisticated every day, and the ways they lure you to give them access to your computer are downright devious.  It is important that all employees are aware of these simple rules that will help prevent intruders from accessing your computer network.