Comments on: Get Out of HIPAA Jail Free http://www.sosoft.com/blog/2009/10/20/get-out-of-hipaa-jail-free/ Mon, 06 Feb 2012 16:08:40 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Debra http://www.sosoft.com/blog/2009/10/20/get-out-of-hipaa-jail-free/comment-page-1/#comment-616 Debra Fri, 23 Oct 2009 20:42:23 +0000 http://www.sosoft.com/blog/?p=566#comment-616 Seth, Thank you for staying so informed on all this. I understand what you are saying about about full drive encryption and will definitely be doing that ASAP. Your advice is always valued. Seth,
Thank you for staying so informed on all this. I understand what you are saying about about full drive encryption and will definitely be doing that ASAP. Your advice is always valued.

]]> By: tasha http://www.sosoft.com/blog/2009/10/20/get-out-of-hipaa-jail-free/comment-page-1/#comment-615 tasha Fri, 23 Oct 2009 14:17:42 +0000 http://www.sosoft.com/blog/?p=566#comment-615 Seth, I have a provider who stores everything electronically via www.myotherdrive.com this is an ideal online server (with a few minor issues) which allows all data to be encrypted, password protected and best of all? Stored off site with back up options. It allows access to only the providers who need access and is ideal for a new fast forward practice who is moving toward "virtual" offices. Now it does have some issues, such as, any information that needs to be accessed or reviewed, must be downloaded first. Also-you must download the information if you have an internet fax. But this is ideal for a paperless office. Seth, I have a provider who stores everything electronically via http://www.myotherdrive.com

this is an ideal online server (with a few minor issues) which allows all data to be encrypted, password protected and best of all? Stored off site with back up options. It allows access to only the providers who need access and is ideal for a new fast forward practice who is moving toward “virtual” offices.

Now it does have some issues, such as, any information that needs to be accessed or reviewed, must be downloaded first. Also-you must download the information if you have an internet fax. But this is ideal for a paperless office.

]]> By: Seth http://www.sosoft.com/blog/2009/10/20/get-out-of-hipaa-jail-free/comment-page-1/#comment-614 Seth Fri, 23 Oct 2009 00:06:33 +0000 http://www.sosoft.com/blog/?p=566#comment-614 Lois, you can, and most definitely should, use TrueCrypt or a similar product on that flash drive! They are so easy to lose! Do it right away! Debra, I assume by cyber-backups you mean online backups. Virtually all of those services use heavy duty encryption, and most encrypt the data before it is transmitted, so that is great, as far as it goes. In fact, it brings us back to Lois's issue about backups. It is essential that they are encrypted as well. Encrypting the hard drive does not confer encryption to backups of that data on a tape, flash key, or DVD. The backups must be specifically encrypted as well. The reason I am pushing full drive encryption rather than just encrypting certain databases or folders is that you secure everything stored on the system: emdeon claim files, letters, the entire SOS database, and so on, without having to mess with a bunch of different procedures and encryptions keys. If it is stored on the hard drive, it is secure. Disk encryption is pretty easy to do, and the benefits in terms of peace of mind are huge! Lois, you can, and most definitely should, use TrueCrypt or a similar product on that flash drive! They are so easy to lose! Do it right away!

Debra, I assume by cyber-backups you mean online backups. Virtually all of those services use heavy duty encryption, and most encrypt the data before it is transmitted, so that is great, as far as it goes. In fact, it brings us back to Lois’s issue about backups. It is essential that they are encrypted as well. Encrypting the hard drive does not confer encryption to backups of that data on a tape, flash key, or DVD. The backups must be specifically encrypted as well.

The reason I am pushing full drive encryption rather than just encrypting certain databases or folders is that you secure everything stored on the system: emdeon claim files, letters, the entire SOS database, and so on, without having to mess with a bunch of different procedures and encryptions keys. If it is stored on the hard drive, it is secure. Disk encryption is pretty easy to do, and the benefits in terms of peace of mind are huge!

]]> By: Debra http://www.sosoft.com/blog/2009/10/20/get-out-of-hipaa-jail-free/comment-page-1/#comment-613 Debra Thu, 22 Oct 2009 23:08:43 +0000 http://www.sosoft.com/blog/?p=566#comment-613 A theft would be a nightmare - but then dealing with the consequences you mention is even more so. Does encryption software work with Emdeon, cyber back ups, etc. And are cyber backups even allowed? I feel so 20th century with all that is happening. A theft would be a nightmare – but then dealing with the consequences you mention is even more so. Does encryption software work with Emdeon, cyber back ups, etc. And are cyber backups even allowed? I feel so 20th century with all that is happening.

]]> By: Lois http://www.sosoft.com/blog/2009/10/20/get-out-of-hipaa-jail-free/comment-page-1/#comment-612 Lois Thu, 22 Oct 2009 02:26:12 +0000 http://www.sosoft.com/blog/?p=566#comment-612 Thanks you for all of this information. But I have an additional concern: Since I carry about a flash drive that contains just about all of my computer information, I would love to know how to secure the data on it. Any thoughts or suggestions? Thanks you for all of this information. But I have an additional concern:
Since I carry about a flash drive that contains just about all of my computer information, I would love to know how to secure the data on it. Any thoughts or suggestions?

]]> By: Seth http://www.sosoft.com/blog/2009/10/20/get-out-of-hipaa-jail-free/comment-page-1/#comment-611 Seth Wed, 21 Oct 2009 14:44:09 +0000 http://www.sosoft.com/blog/?p=566#comment-611 And this just in.... Laptop Theft Nets Data On 800,000 Doctors The stolen laptop contained personal data on nearly every physician in the country. By Thomas Claburn InformationWeek October 15, 2009 03:47 PM The theft of a laptop belonging to an employee of an insurance trade group has put hundreds of thousands of physician around the country at risk of identity theft. The laptop, belonging to an employee of the Blue Cross and Blue Shield Association (BCBSA), was stolen from a car in late August, according to reports in the Boston Globe and the Chicago Tribune. It contained a database listing the business and personal information of about 800,000 doctors. BCBS apparently is going to offer credit monitoring subscriptions to all those physicians. Yikes! BCBS subscribers will be seeing a bump in their renewal costs, I guess. This would have been a non-issue if the hard disk on that personal laptop had been encrypted. And this just in….
Laptop Theft Nets Data On 800,000 Doctors

The stolen laptop contained personal data on nearly every physician in the country.
By Thomas Claburn
InformationWeek
October 15, 2009 03:47 PM

The theft of a laptop belonging to an employee of an insurance trade group has put hundreds of thousands of physician around the country at risk of identity theft.
The laptop, belonging to an employee of the Blue Cross and Blue Shield Association (BCBSA), was stolen from a car in late August, according to reports in the Boston Globe and the Chicago Tribune. It contained a database listing the business and personal information of about 800,000 doctors.

BCBS apparently is going to offer credit monitoring subscriptions to all those physicians. Yikes! BCBS subscribers will be seeing a bump in their renewal costs, I guess. This would have been a non-issue if the hard disk on that personal laptop had been encrypted.

]]>