Despite Bitglass, Inc.'s newness to the healthcare market, the company offers a mobile device management (MDM) solution that is simpler and far less invasive than most solutions available today?something of a feat, as securing data on mobile devices is usually not an easy task.
Q: It is my understanding that written authorization is required for the release of PHI even for treatment, payment, and operations purposes. I believe this is true in New York state, but am unsure if it is also true nationally.
Q: Is there a sample risk analysis about how an enterprise or clinic might evaluate and determine if data-at-rest protection through encryption is reasonable and appropriate as defined in the HIPAA Security Rule?
Release of information (ROI) is typically a function that is managed by the HIM department, but privacy and security officers often play a critical role in ensuring records remain secure during transmission.
