HIPAA and ran­somware

Modern Healthcare - - NEWS -

The HIPAA se­cu­rity rule re­quires providers to take a num­ber of steps to pro­tect pa­tient data, some of which can help cov­ered en­ti­ties and busi­ness as­so­ciates pre­vent mal­ware in­fec­tions, ac­cord­ing to HHS.

Im­ple­ment­ing a se­cu­rity man­age­ment process, in­clud­ing a risk analysis to iden­tify threats and vul­ner­a­bil­i­ties to elec­tronic pro­tected health in­for­ma­tion and im­ple­ment­ing se­cu­rity mea­sures to mit­i­gate or re­me­di­ate those iden­ti­fied risks

Im­ple­ment­ing pro­ce­dures to guard against and de­tect ma­li­cious soft­ware

Train­ing users on ma­li­cious soft­ware pro­tec­tion so they can as­sist in de­tect­ing such soft­ware and know how to re­port de­tec­tions

Im­ple­ment­ing con­trols to limit ac­cess to elec­tronic pro­tected health in­for­ma­tion to only those per­sons or soft­ware pro­grams re­quir­ing it Source: HHS’ Of­fice for Civil Rights, 2016

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.