What can you do to protect telecommuters from eavesdropping and intrusion?
HIPAA Weekly Advisor, November 5, 2001
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Q: What can you do to protect telecommuters from eavesdropping and intrusion?
A: The answer is complicated, because it involves both corporate information policies teleworkers must follow and the use of technology to prevent intrusion and secure remote communication from home to the corporate office through encryption techniques.
First, it will be important to determine which telecommuters access confidential corporate data or protected health information and which ones deal with functions that are not a security concern.
If e-mail is the major form of communication between an offsite employee and the corporation, it's wise to use a virtual private network (VPN).
Access to certain systems should be based on the employee's or contractor's need for access. Few telecommuters should have access to all the corporate data and systems. Limiting access based on the person's role should also limit access to anyone who breaches a telecommuter's personal computer (PC) or home system.
If the home office PC is being used to store or access protected health information, it must be set up to comply with HIPAA. That means that the following things are required:
- password protection
- anti-virus software
- authentication
- a secure location for the computer
- automatic logoff
- disaster recovery and backup (if storing data)
Educate the telecommuters and make sure that family members cannot access the corporate network through the VPN or run unauthorized software that may lead to virus infection.
Remind employees that corporate e-mail still belongs to the organization and can be monitored.
With both the necessary policies and technology in place, the risk of security breaches and loss of data privacy will be reduced, although the threat will never be completely eliminated.
Adapted from an excerpt from HIPAA IT Handbook: Strategies to Protect Health Information. For more information, or to order, go to http://www.hcmarketplace.com/prod/showdetl.cfm?did=6&product_id=10831
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- HIPAA Q&A: Flu shot requirement for hospital employees
- Running an effective peer review committee meeting
- HealthDataInsights posts new issues for medical necessity claims
- Sneak Peek: Effort underway to establish caseload benchmarks
- Q/A: Coding for telescopic intraocular lens
- New FAQ posted on storing laryngoscope blades
- Tip: Perform your own internal investigation prior to government audit
- HIPAA 5010 deadline extended, but threat remains, says AMA
- HHS task force: Consider privacy, security with text messages
- What does case-mix index mean to you?
- E-mailed
-
- Running an effective peer review committee meeting
- HIPAA Q&A: Flu shot requirement for hospital employees
- HHS task force: Consider privacy, security with text messages
- What does case-mix index mean to you?
- Q/A: Coding for telescopic intraocular lens
- Q/A: Correct use of modifier -PT
- Tip: Correctly code bilateral pain management procedures
- "Wall fountains" may be spreading Legionnaires to patients, visitors
- 2012 CPT code changes for ASCs: Shoulder and knee scopes and pain management
- Case Management Monthly, March 2012
- Searched