PRO+ Premium Content/Pulse

Thank you for joining!

Access your Pro+ Content below.

March 2018, Vol. 6, No. 2

HIPAA compliance not guaranteed with ePHI security

This article is part of the Pulse issue of March 2018, Vol. 6, No. 2

Your healthcare organization believes in a strong cybersecurity program. It employs the latest software to secure patient data, and you feel confident that the clinical files are protected against hackers. This hypothetical setup seems to be solid. The bad news? Those efforts might not comply with HIPAA. That's hard to accept in this age of constantly beefing up technologies to safeguard electronic protected health information (ePHI). But the above scenario illustrates the sometimes forgotten reality that ePHI security and HIPAA privacy obligations don't always work in parallel. "You can't have privacy without security, but you can have security without privacy," said attorney Daniel Farris, partner and co-chair of the technology group at law firm Fox Rothschild LLP. HIPAA broadly divides specifications among its Privacy and Security Rules. The privacy regulations govern how hospitals and other healthcare facilities use and share ePHI, Farris said. Meanwhile, the security provisions cover measures that curtail unauthorized ...

Access this PRO+ Content for Free!

You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login above.
Please provide a Corporate Email Address.
You forgot to provide your first name.
You forgot to provide your last name.
You forgot to provide a job title.
You forgot to provide a company name.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

Features in this issue

Connected medical device security, AI battle health hackers
by Nicole Lewis
More hacker threats, including via connected medical devices, are coming to healthcare organizations, but health IT professionals can look to AI and blockchain for possible help.
Healthcare breaches drop, but ransomware attacks rise
by Shaun Sutner
Patient data breaches dropped in 2017, mainly due to fewer large-scale breaches, but ransomware strikes intensified and insiders kept hacking.
HIPAA compliance not guaranteed with ePHI security
by Scott Wallask
Medical facilities sometimes believe security is equivalent to compliance with HIPAA -- but not so fast. Organizations must consider other aspects when guarding patient data.

Columns in this issue

New risk to cybersecurity in healthcare: Hacker as a service
by Scott Wallask
Health IT and hospital security professionals must try to stay ahead of cyberattacks against electronic patient records. But now hackers are prepping the next generation.
Healthcare ransomware attacks threaten patient safety
by Shaun Sutner
Worry about health IT cybersecurity has shifted from hacker-triggered health data breaches to ransomware and malware exploits that shut down hospitals and threaten patient safety.
5 healthcare cybersecurity best practices for care organizations
by Reda Chouffani
Hospital CIOs who want to ensure that their environments are protected should be sure to implement multifactor authentication and AI-based monitoring to prevent data breaches.

Previous Issue View Pulse Archives Next Issue

Access your Pro+ Content below.

HIPAA compliance not guaranteed with ePHI security

Features in this issue

Connected medical device security, AI battle health hackers

Healthcare breaches drop, but ransomware attacks rise

HIPAA compliance not guaranteed with ePHI security

Columns in this issue

New risk to cybersecurity in healthcare: Hacker as a service

Healthcare ransomware attacks threaten patient safety

5 healthcare cybersecurity best practices for care organizations