Protecting PHI for HIPAA is an ever increasing challenge. How do you protect your client’s or patient’s private health information when taking a laptop in for service? Servicing laptops and PCs or even cell phones can easily lead to a HIPAA violation when the device holds Protected Health Information (PHI).
A couple options for protecting PHI for HIPAA might be to:
1. Store everything related to clients/patients on an encrypted external drive, then back it all up on another external, protected drive.
- a. Use encrypted, password protected folders that have long-complex passwords that make it difficult to be breached. Have your passwords include both lower and upper case letters, as well as digits and symbols (li3ke9TH0IS^), which make it less likely that your files will be breached.
- b. You may also ask your repair shop to sign a partnership agreement whereby they agree to the HIPAA standards for protecting client/patient information.
2. TrueCrypt is free, open source, downloadable software that creates password protected, encrypted section on your computer’s hard drive. The TruCrypt website says:
- TrueCrypt is an application for setting up as well as preserving a real time encrypted data storage device. This means that information is instantly encoded just before it’s stored and decrypted immediately after it’s loaded, with no user mediation. No info saved on a secured volume can be decrypted without having to use the right security password or appropriate encryption keys. Truecrypt makes certain that the whole file system is secured.
HIPAA Compliant Cybersecurity for Professionals
Must-know information about how to protect your telehealth practice from a ransomware attack. Operate w/ EYES WIDE OPEN.
BCTP®-II Telehealth Training & Certificate
The most popular of Telehealth.org’s training and certificate packages, this program allows you to be confident in your abilities to handle yourself in a wide variety of challenging telehealth situations.
Essential Telehealth Law & Ethical Issues
Bring your telehealth practice into legal compliance. Get up to date on inter-jurisdictional practice, privacy, HIPAA, referrals, risk management, duty to warn, the duty to report, termination, and much more!