Questions? Talk to a Real Person via our Live Chat
Phishing in the Wrong Pond
By Gil Vidals, , HIPAA Blog, Resources

Phishing in the Wrong Pond

Have you heard the one about the company that decided to plan a “Phishing trip” for their employees? Back in 2016, Atlantic Health System circulated a juicy email, promising employees a raise if they would simply respond with some key verification information. The information included employee id, date of birth, and home zip code. Roughly... Continue reading
Is Gmail HIPAA Compliant?
By Gil Vidals, , HIPAA Blog

Is Gmail HIPAA Compliant?

Still one of the most popular online searches in regard to HIPAA, the answer is clear: as a standalone service, Gmail by itself is not HIPAA compliant, but it can be.  Even though Google employs some of the best security measures available, sending electronically protected health information (ePHI) using a regular Gmail account is explicitly prohibited... Continue reading
Physical Safeguards for HIPAA, Part 2: Workstation Use
By Gil Vidals, , HIPAA Blog

Physical Safeguards for HIPAA, Part 2: Workstation Use

In part 1 of this series, we learned that a laptop containing sensitive, protected health information (PHI) was stolen from the car of a West Virginia Health System employee. To make matters worse, the hard drive containing PHI was unencrypted, leaving the data open to access by unauthorized users. While unfortunate, the occurrence does serve to highlight... Continue reading
Physical Safeguards for HIPAA, Part 1: Facility Access
By Gil Vidals, , HIPAA Blog

Physical Safeguards for HIPAA, Part 1: Facility Access

A recent, potential breach of protected health information (PHI) – including social security numbers, financial information, and medical data – was reported by a major health system in West Virginia. The cause? A stolen laptop, taken from an employee’s car. Despite equipping the laptop with security tools (including password protection), the health system failed to... Continue reading
Skip to content