Demonstrating that ePHI encryption meets the safe harbor requirements may be more difficult than it seems when planning for that inevitable breach. Full disk encryption may not be enough. Many healthcare users believe encryption software installed on mobile devices and desktops will avoid the potentially damaging breach notification. The question is: Can you prove ePHI was encrypted at the time the device was lost, accessed, or stolen? Absio Corporation may have the answer.
One task that almost every healthcare organization is going to have to tackle to comply with the HIPAA omnibus final rule is amending its Notice of Privacy Practices (NPP).
If many acute care hospitals struggle to protect patient privacy, long-term care organizations face their own challenges in ensuring the privacy of residents who live in their nursing homes and assisted living facilities.
