HIPAA Blog - Page 30

Best SQL Server for HIPAA Compliant Businesses

The term “SQL Server” refers to the Relational Database Management System (RDBMS) software which runs on the physical/virtual host. There are many different implementations of SQL (Structured Query Language) and choosing between them is dependent upon the database requirements and can have an impact on compliance efforts when dealing with HIPAA guidelines. Many choices are... Continue reading

Retaining Data for a HIPAA Audit

HIPAA guidelines regarding data retention state that the logs (access/activity) and protected health information (PHI) documentation proving that the covered entity is adhering to the HIPAA Security Rule are retained for six (6) years. This regulation mandates that records are to be retained for essentially any interaction with patient PHI and personally identifiable information (PII),... Continue reading

Server Hardening for HIPAA Systems

When compromising a HIPAA server, more often than not, the fundamental shortcoming (“exploit”) of the software that has allowed a user to gain unauthorized access is not inherent to the software being used, but is often a weakness caused by improper configuration or lack of patch application. The process of disabling the system services that... Continue reading

Multi-factor Authentication, Code Spaces, and the Amazon Attack

Most people are familiar with the idea of passwords, and the importance of using strong ones. However, what many don’t know is that there’s no such thing as an uncrackable password. With proper resources and time, an attacker can crack any password by means of brute force (trying every permutation in a given table). With... Continue reading

Apple’s HealthKit App may Require HIPAA Compliance

At the Apple Worldwide Developers Conference in 2014, Apple unveiled Health, an iOS8 application designed to create a data collection point for third-party accessories. In theory, Health centralizes health data collected by a user in order to interface with wearable technology. In addition to Health itself, Apple also unveiled HealthKit, the developer application programming interface... Continue reading

5 HIPAA Compliance Tips for Healthcare Startups

Maybe more so than any other industry, starting a business in the healthcare field is fraught with pitfalls that could put a serious obstacle in a healthcare company’s path. Handling and manipulating patient information in ways that can help physicians and other healthcare professionals more easily provide care is often the function of new healthcare... Continue reading