07/15/2015

The Latest HIPAA Settlement Is Eye-Catching

by ZixCorp


On Monday, Joseph Conn published an article for Modern Healthcare highlighting a recent HIPAA settlement between St. Elizabeth's Medical Center and the Office for Civil Rights (OCR), which, as most of you know, enforces the HIPAA Privacy Rule. Settlements with the OCR and breaches on its “Wall of Shame” are so frequent that it’s easy to ignore the latest news, but this particular article caught our eye when it reported:

  1. The settlement involved “a relatively rare enforcement area, Internet-based file-sharing services”
  2. Insight from Adam Greene, a well-known privacy lawyer, who said, “you're going to have to have a business associate agreement (BAA) with any cloud-based (service) providers.”
  3. The violations came to light after complaints from the medical center’s own employee base

Organizations often have to account for employees as a weak link in their security and compliance strategy. We understand why; mistakes happen, as we ourselves pointed out in Monday’s data loss prevention blog. However, this article serves as a great reminder that, interestingly enough, employees are also an organization’s greatest asset. Not only are employees critical to the success of quality care and daily operations, they can be your eyes and ears to ensure security and compliance are meeting your standards day in and day out. After all, you spend valuable resources and time training employees on the appropriate policies and procedures; put that training to even greater use by leveraging employee feedback on what’s working and where you need to fill holes.

Turning our attention now to the other two highlights – the “rare enforcement area” of Internet-based file-sharing services and the BAA with any cloud-based (service) providers – we would be remiss if we didn’t offer a quick and selfish reminder that Zix is the leader in protecting the most popular file-sharing method (aka email) and, unlike many email encryption competitors, will sign a BAA. We’ve signed several hundred so far and are happy to work with you to provide this extra layer of assurance.

Posted: 7/15/2015 12:00:00 AM by Global Administrator
Filed under: Breach, compliance, data, Healthcare, HIPAA, loss, prevention

