TIP: Communicate your laptop security policies
HIPAA Weekly Advisor, June 21, 2010
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Editor’s note: This is the second in a series of tips in HIPAA Weekly Advisor on laptop security. The excerpts are courtesy of the HCPro, Inc. newsletter, Briefings on HIPAA.
Organizations don’t always do a good job of communicating their laptop and portable device security policies, says Ali Pabrai, CISSP, CSCS, CEO of ecfirst, Inc., and CEO and cofounder of HIPAA Academy in Newport Beach, CA.
After conducting assessments and audits at organizations nationwide, Pabrai says that organizations often don’t enforce their policies and don’t articulate the requirement that information must be encrypted.
Encourage users not to store sensitive data on laptop computers, says Phyllis A. Patrick, MBA, FACHE, CHC, cofounder and managing director of AP Health Care Compliance Group, which has offices in Pittsburgh and Purchase, NY. Available technology allows users to access data from file servers or via wireless methods, so staff members don’t need to store sensitive information directly on laptop computers, she says.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Identify potential Medicaid RAC target areas
- Topic: CMS, OESS post new security compliance review information, checklist
- HIPAA Q&A: Level of encryption needed for email
- Capturing all necessary codes for IUD insertion and removal can be challenging
- What does case-mix index mean to you?
- OB services: Coding inside and outside of the package
- QA:Coding multiple initial infusions
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- Q&A: Follow CMS' coding guidelines when using modifier -25
- Catch up on what's new with injections and infusions
- CMS has reformulated payments for some bilateral procedures
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- ED-to-inpatient transfers are flawed with safety gaps
- Searched