Q: We recently took a survey and many of our employees admitted to saving their passwords in a Word® document or a Notes® file on their phone. Is this riskier than having passwords written down on paper and stored in a safe place at work or home? How can we discourage employees from writing down their passwords anywhere?
Q: Following a breach, many organizations post a breach notification letter to their website. Is there a particular spot on the site that it must be posted? Can the link to the notification letter be posted anywhere on the homepage?
Q: Many organizations have outsourced their PHI disposal for years. With coronavirus limiting the number of people coming in and out of medical facilities, what are your suggestions for organizations that now have to take care of PHI disposal themselves? What are the most important things to remember when handling this process?
HHS and the Substance Abuse and Mental Health Services Administration (SAMHSA) finalized the 42 CFR Part 2 Revised Rule in July, implementing updated regulations governing the confidentiality of patient records for the treatment of substance use disorders (SUD).
