Touchstone Compliance

HIPAA Quick Tip

Can You Keep a Secret? 9 Tips for Creating Strong Passwords.

The computers in your office are veritable treasure chests of information cyber pirates would love to get their hands on. Only authorized personnel in a practice should have the keys to unlock what’s inside.  Passwords as those keys. They play an important role in protecting Electronic Health Records (EHR) and the vital information those records …

Can You Keep a Secret? 9 Tips for Creating Strong Passwords. Read More »

Most HIPAA Checklists Are a Waste of Time. Here’s Why.

Just now, out of curiosity, I Googled the words “HIPAA compliance checklist.” Within .20 seconds I got 2,470,000 results. Page after Google page of businesses, legal firms, healthcare organizations, and government agencies offering everything from “Ten-Point HIPAA Checklists” to “$89 Compliance Checklists.” The appeal of such lists is undeniable. Knowing what I know about HIPAA …

Most HIPAA Checklists Are a Waste of Time. Here’s Why. Read More »

8 Simple Physical Safeguards for Protected Health Information

It’s happened in hundreds of offices. A thirsty staff member brings a beverage to a computer workstation. Sets in down within easy reach. Logs on to the computer and turns her attention to the screen. A few minutes later, she absently reaches for the drink. Accidentally knocks it over. Gasps as the cola from her …

8 Simple Physical Safeguards for Protected Health Information Read More »

How Falling Prey to a Phishing Expedition Puts PHI at Risk

Phishing has become so commonplace, the word has made its way into the dictionary: Phish — to try to obtain financial or other confidential information from Internet users, typically by sending an e-mail that looks as if it is from a legitimate organization, usually a financial institution, but contains a link to a fake website …

How Falling Prey to a Phishing Expedition Puts PHI at Risk Read More »

The Pluses of a Virtual Private Network for Exchanging PHI Remotely

Let me set a scene where a Virtual Private Network (VPN) would be “just what the doctor ordered.” You’re out of town at a conference of healthcare professionals in your specialty. Before you left home, a colleague asked you to consult on a paricular case. She said she would email you the patient’s test results …

The Pluses of a Virtual Private Network for Exchanging PHI Remotely Read More »

The Basics of Mobile Device Security for Protected Health Information

The single most common way Protected Health Information (PHI) is compromised is through the loss of devices themselves, whether this happens by accident or by theft. Technology — thumb drives, CDs, smart phones, tablets — has made it possible for large amounts of information to be tucked into our pockets or purses and carried to …

The Basics of Mobile Device Security for Protected Health Information Read More »