You just woke up in cold sweat because you realized that you never bought holiday gifts for your cousins who love regulations, your forgetful uncle Jerry, your quick-minded aunt, your tech-savvy nieces and nephews, and of course something for you. Now shipping deadlines have passed, store shelves are barren, and inflation has made some of those must-have items 3x what they should cost. And forget about wrapping up those gifts, as there’s hardly any time left before Santa arrives.
While you are in your turkey-tryptophan-induced state of (peace-of-) mind, we thought we’d include you in our insights of the price people generally are comfortable paying for peace-of-mind. Read more
Folklore of Opportunistic Privacy
There is a wide body of people that believe they are sending information private because they are sending using Microsoft Office 365, Gmail, or using a third-party service that sends all messages using transmission layer security.
Pig Latin, Russian Spies and Email Encryption
With the recent media focus on cybersecurity, whether it is talk of Russian hackers scheming to influence US presidential elections, or the pervasive pressure to comply with GDPR or HIPAA (healthcare privacy regulations) or other consumer data privacy requirements, “encryption” is one of the solutions that is often introduced.
Not All TLS is Created Equal
Many, many software service sales professionals throw around security phrases to make cyber security sound simple. Today, as technologies advance and threats get ever more sophisticated, encrypting email for privacy compliance is not getting simpler. The devil (hacker) is in the details.
Habits are often hard to break. Some professional offices, particularly in the health care sector, when there is a need to send something private, send by fax. Their belief is, if they send by fax, the transmission is secure and private (HIPAA compliant).
As consumer awareness of data privacy issues increases, companies that don’t take their clients’ data privacy seriously are getting hit harder and harder. In healthcare, a Florida healthcare provider paid a $5.5 million fine (a HIPAA record) earlier this year for allowing more than 115,000 patient records to be improperly accessed and disclosed. Last year, Ashley Madison paid almost $1.6 million to settle charges related to Federal Trade Commission (FTC) enforcement of data privacy laws, after the online “cheating” site’s virtually non-existent cybersecurity practices allowed the compromise of all its 36 million users worldwide.
Email encryption is one of the strongest defenses that an organization can implement against data breaches brought on by the improper disclosure or distribution of medical records or protected health information (PHI). But without written policies and procedures governing the use of encryption services, these efforts mean next to nothing in the eyes of HIPAA auditors who have been redoubling their efforts to investigate non-compliance across the health care industry.
Small business are not ‘under the radar’ of government enforcement for HIPAA privacy and security rules. Not only is the government issuing meaningful fines to small businesses for non-compliance with these data privacy rules, they are explicitly stating that regardless of the size of the firm, whether a small physician’s office or insurance broker, they will hold everyone accountable.
Importance of HIPAA Compliant for Electronic Signatures in Standardizing Electronic Health Care Transactions
RE: Required Patient and Beneficiary Authorizations, Notices and Acknowledgments