Cybersecurity and HIPAA Compliance: 5 Ways to Master Both

Published in Member Communities on February 06, 2019

One single attack on your data network can cause chaos to your entire healthcare organization. One update not initiated in time or routine patching skipped can lead to compromised patient data. In addition to clients placing their trust in healthcare organizations to keep them in good health, they are also trusting them to keep their private information protected. In this day and age, the two should go hand in hand. Here are 5 ways to be sure you are mastering both.

  1. Educate Employees

    Your employees likely understand the importance of HIPAA compliance. They have undergone training on how to communicate about patient’s health concerns with others on their healthcare team. However, they may not fully understand the risks they pose to clients when it comes to cybersecurity. One of the best defenses to a cyber attack is employee training. Staff who handle electronically protected health information should be made aware of the risks that can be posed to patients through seemingly harmless behaviors.

  2. Create a System to Bring Your Own Device (BYOD)

    If your employees bring their own mobile devices to and from work, this is certainly a topic of security to be addressed. If employees communicated to one another about patients through their phones, without installing the appropriate security measures, this can be a significant breach of trust and candy to hackers. When they access the network through their device, you need to be certain multi-factor authentication is in place as well as a secure application in which they can access the network. 

  3. Initiate a Physical Defense

    Each time a patient is seen, information about their visit is entered into the computer. Employees need to physically protect these devices by logging out of the system when it is not being used to ensure information is not taken. A protective measure you can take for this is to locks on all screens and devices when they are not being used.

  4. Implement and Review Technical Security

    You may already have a defense system implemented, but it is equally important to continually tighten up your network security. Consider installing encryption software. This encrypts any data sent within the organization, so if a hacker gets ahold of it, it would be nearly impossible to crack. It’s important to remember that unless both the sender and receiver (for example, over email) have encrypted software, it is not adequately protected.

  5. Run Routine Audits
    Stay ahead of the curve by evaluating, recording and examining all security protocols. Have an expert in cybersecurity not only take a look at what you are doing right, but what other vulnerabilities your facility has. 

Protect your organization, your employees and patients by placing HIPAA and cybersecurity at the top of your radar. Reach out today for a vulnerability assessment to see how VGM Technologies can help uphold HIPAA compliance.


comments powered by Disqus

From Our Experts

Pitt Announces New One-Year Masters and Graduate Certificate in Rehabilitation Technology thumbnail Pitt Announces New One-Year Masters and Graduate Certificate in Rehabilitation Technology The University of Pittsburgh Department of Rehabilitation Science and Technology has announced a new 35-credit Master of Rehabilitation Technology (MRT) degree beginning in the fall semester of 2020. The degree can be in one year of full-time study or part-time. The program includes weekly remote classes and in-person labs conducted over one 4-day weekend per semester in Pittsburgh. Home Medical Equipment Providers: An Underappreciated Solution (Until Now) thumbnail Home Medical Equipment Providers: An Underappreciated Solution (Until Now) Miriam Lieber wrote a guest blog for Salient Value about some of the recent wins for DMEs and how they have adapted during COVID-19. Discover Why All Providers Need to Know About Wound Care thumbnail Discover Why All Providers Need to Know About Wound Care Listen in as we talk with Heather Trumm, Director of VGM Wound Care about the importance of all DMEPOS providers paying attention to wound care. Heather also covers new education materials available for VGM Members, and resources that can help you get started in wound care. Discover Why All Providers Need to Know About Wound Care thumbnail Discover Why All Providers Need to Know About Wound Care Listen in as we talk with Heather Trumm, Director of VGM Wound Care about the importance of all DMEPOS providers paying attention to wound care. Heather also covers new education materials available for VGM Members, and resources that can help you get started in wound care. HME Business: What's Your Telehealth Plan? thumbnail HME Business: What's Your Telehealth Plan? HME Business wrote an article about COVID-19 pushing U.S. healthcare to adopt practices it should have integrated years ago, and telehealth is at the top of the list. Why? Because it makes a lot of sense, especially for HME. HME Business: Being Social in the New Normal thumbnail HME Business: Being Social in the New Normal Ty Bello wrote an article that was featured in HME Business that focused on how COVID-19 forced us to adopt a set of new phrases and behaviors into our daily lives. Ty wrote that we can still do things to strengthen our lasting relationships with patients, caregivers, referrals, coworkers and all the people in our lives. Heartland: Signs Ahead Point to ‘Growth' thumbnail Heartland: Signs Ahead Point to ‘Growth' The HME industry has weathered its share of hardships and the current COVID crisis is no exception. But, as “first responders,” providers will get through this too, VGM's Mark Higley said in the kick-off last week to Heartland at Home. ADA Anniversary: A Time of Celebration, Cause for Improvements thumbnail ADA Anniversary: A Time of Celebration, Cause for Improvements To commemorate the 30th anniversary of the Americans with Disabilities Act, VGM & Associates, U.S. Rehab and NCART have released a video featuring longtime champion and lead sponsor of the act, retired Sen. Tom Harkin.