Resources for Health Insurance Portability and Accountability Act (HIPAA)

The security control nobody used…

blogs.techrepublic.com.com

The solution implemented included the following:

1. Automatic outbound message encryption. Messages were encrypted when the content filtering engine, referencing HIPAA and PII lexicons, calculated a score greater than the threshold set.
2. Encrypted messages could be delivered to recipients as password-protected attachments. The solution also supported sending affected messages to an online mailbox in the enterprise data center, forwarding a notification to the recipient, and requiring the recipient to log in to the online mailbox to retrieve the message. Remote access was via SSL. However, senior management thought this was too much trouble for vendors, customers, etc. They directed the technical team to go the attachment route.
3. Manual encryption was possible by marking the message “confidential.”

View the Resource

Share or bookmarklet this web page at: