How secure is your computer? Do you have a password on your computer? Do you have the automatic log offs turned on? Is your computer encrypted? Are your off-site storage files encrypted?
This document is designed to give some basic information about making your office a little more secure. It is not a substitute for a thorough HIPAA risk assessment.
However, there are some steps you can take right now to help cut your risk of identity theft or security breaches. Take steps TODAY!
HIPAA & Passwords
Regardless of whether you are a HIPAA covered entity or not, password usage should be part of your office's Policies and Procedures Manual. HIPAA Complete offers a HIPAA Audit which walks you through your office to identify privacy and security shortcomings. Passwords are part of this audit process. HIPAA Complete has the logs, guidelines, and policy templates to get you started.
What is the big deal about encryption? Well, it is the best way to secure your computer against security breaches. What is encryption? Encryption is a process by which data is rendered unreadable/unviewable unless a "key" is used to unlock it. This is a great
"In cryptography, the Advanced Encryption Standard (AES) is an encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael. Each of these ciphers has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively. The AES ciphers have been analyzed extensively and are now used worldwide, as was the case with its predecessor, the Data Encryption Standard (DES).
AES was announced by National Institute of Standards and Technology (NIST) as U.S. FIPS PUB 197 (FIPS 197) on November 26, 2001 after a 5-year standardization process in which fifteen competing designs were presented and evaluated before Rijndael was selected as the most suitable (see Advanced Encryption Standard process for more details). It became effective as a Federal government standard on May 26, 2002 after approval by the Secretary of Commerce. It is available in many different encryption packages. AES is the first publicly accessible and open cipher approved by the NSA for top secret information."
Hopefully everyone is using medical billing software that utilizes encryption for their "data at rest" - that is, data that is not moving anywhere on your hard drive. Sadly, most people do not realize that there is also a security "gap" when the data is NOT at rest. Here are three scenarios explaining when data is NOT at rest:
Even if your software uses encryption, other measures are still needed if you wish to avoid the possibility of a breach. Here are a few Do's and Don'ts:
Don't do the following:
Do the following:
Find A Code, LLC
62 East 300 North
Spanish Fork, UT 84660
Phone: 801-770-4203 (9-5 Mountain)