Health Information Compliance Alert
ARM YOURSELF AGAINST SECURITY BREACHES WITH THIS STRATEGY
PDF
Use your firewall to ward off malicious attacks
You already have the foundation to build a powerful tool that will correctly route password-protected e-mail attachments--and protect your network from viruses and other malicious software (malware)--it's your firewall.
Most tech specialists recommend that you set your firewall to reject all attachments, but that could destroy your efforts to protect PHI without expensive encryption methods. Jack Holleran, a security consultant based in Baltimore, MD, offers this three-step solution that will protect both your systems and your patients' PHI:
STEP 1. Apply an application proxy to your firewall that allows you to establish rules for what attachments you'll accept. For example, you may decide to only accept Microsoft Word documents or to ban only zipped files (those with the *.zip extension).
STEP 2. Make a list of which e-mail addresses you will receive attachments from, and then set your firewall to allow attachments from those addresses (only) to
pass through. Make sure your vendors supply you with an updated employee list so that no attachments are rejected.
Remember: All attachments should be scanned for malware at the firewall level, even if they are sent from "approved" e-mail addresses.
STEP 3. Recipients should decrypt files and scan them for malware using standard anti-virus software with up-to-date definitions installed on their local computer--before processing the information for business purposes.
Why this strategy works: "You scan all e-mail at the firewall and 'expected' e-mail again at the local level," which provides a strong guarantee that your patients' information will remain confidential, Holleran explains.
Drawback: You must invest in a firewall that permits you to set up an approval system. And, you'll need to purchase anti-virus software for both your firewall and your users' hard drives, Holleran notes. There are many applications that will frequently check that your anti-virus definitions are up-to-date for the latest threats. This cost could be significant.
THE BOTTOM LINE: An advanced firewall system could better protect your organization's unencrypted e-mail application from the viruses and other malware that endanger your patients' sensitive health information.
Health Information Compliance Alert
- SECURITY:
3 PROVEN TACTICS PROTECT YOUR TRANSCRIBED PHI
Use a security questionaire to iron out your vendor's security rule wrinkles
If your medical transcription [...] - SAMPLE DOCUMENT:
SET YOUR VENDORS' SECURITY STANDARDS WITH THIS FORM
Work with your tech team to develop and define your security needs
Your best security rule [...] - CONFERENCES:
CONFERENCE CALENDAR
Here are the informative conference opportunities planned for November:
November 1--2 in Indianapolis: "EHR Summit VI: [...] - SECURITY STRATEGIES:
ARM YOURSELF AGAINST SECURITY BREACHES WITH THIS STRATEGY
Use your firewall to ward off malicious attacks
You already have the foundation to build a [...] - SECURITY SOLUTION:
HERE'S HOW TO PUMP UP YOUR COMPLIANCE PURCHASING SAVVY
Avoid security program rip offs with this guide
Your security compliance hinges on the policies and [...] - SECURITY TIP:
PREPARE FOR A NEW CROP OF PORTABLE DEVICES
Use this list to catch all the new devices in your facility
A slew of new [...] - READER QUESTIONS:
SEND YOUR NPP TO PARTICIPANTS ONLY
Question: We work with an employer-sponsored health plan, but we are confused as to who [...] - READER QUESTIONS:
YOU CAN USE WEB CAMERAS
Question: Our tech team wants to use voice over Internet protocol (VoIP) and Web cameras [...] - READER QUESTIONS:
CHOOSE ONE FEE FOR PATIENT COPIES
Question: We recently realized that our remote sites charge different amounts for patients to receive [...] - HEALTH INFORMATION NEWS
OHIO REPORTERS TAKE HIPAA TO COURT
Health departments and other public health agencies take notice: An [...]