HIPAA Best Practices

HIPAA Compliant Secure Messaging

HIPAA Compliance: Mitigate IT Risk Article Courtesy of:  Onramp It is becoming the norm for businesses to outsource all or a portion of their IT needs to third-party cloud service providers (CSPs) or hosting providers in order to increase agility and cut down on costs. As such, it should come as no surprise that this trend is becoming increasingly popular in the healthcare industry. However, doing so for healthcare organizations does not come without its challenges – the root of which lies in maintaining HIPAA compliance, from their own company to the ones they choose to partner with. With that comes a need to protect the privacy and security of electronic protected health information (ePHI) and, in order for IT teams do so, this means mitigating risk should continually be top-of-mind. Let’s explore some best practices to mitigate that risk. UNDERSTANDING RISK ASSOCIATED WITH THIRD-PARTY VENDORS With the increasing popularity of […] Read more »

OnPage – HIPAA & Cybersecurity

“OnPage solved a mandatory requirement we had in our data center for regulatory cybersecurity compliance. To cover physical or cyber intrusions, we have OnPage notifications sent out to the group on an on-call rotation for incident response.”

OnPage Corporation is the Secure Messaging/Critical Alerts Leader: Learn More… The False Promise of HIPAA for Healthcare Cybersecurity HIPAA regulations might not be enough for the current healthcare cybersecurity threats. Article Courtesy of:  Health IT Security The recent ransomware attack on Hollywood Presbyterian Medical Center highlights the healthcare cybersecurity risks organizations face today. Unfortunately, this cyber attack also reveals the inadequacy of the HIPAA Security Rule to provide guidance on the numerous healthcare cybersecurity threats that are not associated with ePHI. The reasons why HIPAA is poorly suited for the risks posed by cyber threats fall into three categories. The first is that this regulatory approach is narrowly focused on the security of PHI and addresses only a part of the overall cyber threat. The second is that a rules-based risk management approach does not work to mitigate the full range of cyber threats and cannot help healthcare organizations increase resilience against […] Read more »