The HIPAA security rule data requirements expand beyond the security of physical computer servers to also cover the ways protected health information is accessed and transmitted to help prevent unauthorized third-parties from accessing electronic PHI.
Below are five tips from TigerText, a secure messaging provider, for protecting electronic PHI and complying with the HIPAA security requirements:
-
Electronic PHI should be encrypted to NIST standards and stored on a secure server.
-
Users authorized to access electronic PHI should have unique usernames and passwords to accurately monitor who is viewing the information.
-
Text messaging solutions utilized by healthcare organizations should allow users to remotely remove users as well as remotely erase communications.
-
Text messaging solutions should allow users to set pre-determined lifespans for electronic PHI to help prevent authorized users from saving the information to their mobile device or any external hard drive.
-
Healthcare organizations should provide HIPAA training on how to properly transmit electronic PHI to those authorized to access the information.
More Articles on HIPAA Compliance:
Top 3 Security Threats to the Healthcare Industry, Tips to Avoid Them
3 Tips to Prepare For Next Round of HIPAA Audits
A Federal Law, But HIPAA Can Play Significant Role in State Court Suits