Cybersecurity and HIPAA Compliance: 5 Ways to Master Both

Published in Member Communities on February 06, 2019

One single attack on your data network can cause chaos to your entire healthcare organization. One update not initiated in time or routine patching skipped can lead to compromised patient data. In addition to clients placing their trust in healthcare organizations to keep them in good health, they are also trusting them to keep their private information protected. In this day and age, the two should go hand in hand. Here are 5 ways to be sure you are mastering both.

  1. Educate Employees

    Your employees likely understand the importance of HIPAA compliance. They have undergone training on how to communicate about patient’s health concerns with others on their healthcare team. However, they may not fully understand the risks they pose to clients when it comes to cybersecurity. One of the best defenses to a cyber attack is employee training. Staff who handle electronically protected health information should be made aware of the risks that can be posed to patients through seemingly harmless behaviors.

  2. Create a System to Bring Your Own Device (BYOD)

    If your employees bring their own mobile devices to and from work, this is certainly a topic of security to be addressed. If employees communicated to one another about patients through their phones, without installing the appropriate security measures, this can be a significant breach of trust and candy to hackers. When they access the network through their device, you need to be certain multi-factor authentication is in place as well as a secure application in which they can access the network. 

  3. Initiate a Physical Defense

    Each time a patient is seen, information about their visit is entered into the computer. Employees need to physically protect these devices by logging out of the system when it is not being used to ensure information is not taken. A protective measure you can take for this is to locks on all screens and devices when they are not being used.

  4. Implement and Review Technical Security

    You may already have a defense system implemented, but it is equally important to continually tighten up your network security. Consider installing encryption software. This encrypts any data sent within the organization, so if a hacker gets ahold of it, it would be nearly impossible to crack. It’s important to remember that unless both the sender and receiver (for example, over email) have encrypted software, it is not adequately protected.

  5. Run Routine Audits
    Stay ahead of the curve by evaluating, recording and examining all security protocols. Have an expert in cybersecurity not only take a look at what you are doing right, but what other vulnerabilities your facility has. 

Protect your organization, your employees and patients by placing HIPAA and cybersecurity at the top of your radar. Reach out today for a vulnerability assessment to see how VGM Technologies can help uphold HIPAA compliance.


comments powered by Disqus

From Our Experts

Clarification on What is a “Healthcare Provider” in the FFCRA thumbnail Clarification on What is a “Healthcare Provider” in the FFCRA In phase 2 of the government's COVID-19 relief package, passed nearly 2 weeks ago and known as the Families First Coronavirus Response Act (FFCRA), there was language exempting certain business types from being required to offer expanded medical leave and sick leave to their employees. VGM clarifies these exemptions in the following article. House Passes Coronavirus Stimulus Plan - HME Legislation Included! Heading To The President's Desk thumbnail House Passes Coronavirus Stimulus Plan - HME Legislation Included! Heading To The President's Desk On March 27, the Coronavirus Stimulus Package, H.R. 748, passed the House. The bill will now head to President Trump's desk for his signature. Much needed reimbursement relief will be coming to home medical equipment suppliers! The bill includes language from H.R. 2771, which provides relief for areas deemed rural and non-rural by CMS. U.S. Small Business Administration Offers Low-Interest Rate Loans thumbnail U.S. Small Business Administration Offers Low-Interest Rate Loans The U.S. Small Business Administration (SBA) is offering designated states and territories low-interest federal disaster loans for working capital to small businesses suffering substantial economic injury as a result of the coronavirus (COVID-19). Out of Equipment? Too Much Equipment? SWAP IT. thumbnail Out of Equipment? Too Much Equipment? SWAP IT. VGM would like to help our members help supply equal demand whenever possible. Some of you will run out of equipment, while others will be sitting on a surplus of that same equipment. We are opening up our vgm.com members only portal as a venue for providers to identify areas (both geographic areas as well as equipment categories) where demand is outweighing supply, or vice versa. Providers who so choose can share/rent/buy equipment to/from one another. Member Q&A: Am I an “Essential Business”? thumbnail Member Q&A: Am I an “Essential Business”? In every instance we are aware of right now, DMEPOS providers have been categorized as essential and may continue to operate, though it may make sense for them to change or scale back their operations temporarily, prioritizing what has to be done now and what can wait. Based on the information above, VGM feels comfortable stating that you, the companies who provide DMEPOS related products and services, are indeed essential during this COVID-19 pandemic. CPAP Devices Can Be Used as Ventilators During Coronavirus Outbreak, FDA Guidance Says thumbnail CPAP Devices Can Be Used as Ventilators During Coronavirus Outbreak, FDA Guidance Says As of March 22, new temporary guidance from the FDA allows hospitals to re-purpose existing products such as CPAP devices as ventilators, an effort to meet major shortages in the United States during the coronavirus outbreak. Episode 49: COVID-19 Updates for DMEPOS Providers thumbnail Episode 49: COVID-19 Updates for DMEPOS Providers VGM's Payer Relations experts Ronda Buhrmester and Craig Douglas team up to give an update on COVID-19 for DMEPOS providers. Families First Coronavirus Response Act Signed This Week thumbnail Families First Coronavirus Response Act Signed This Week The Senate has passed (by a vote of 90-8), and President Trump has signed, the second COVID-19 relief package, known as the Families First Coronavirus Response Act (H.R. 6201).