Ensuring your computers are HIPAA protected is not easy. There are many intricacies that can trip you up, and if something happens that causes you to violate HIPAA, there are significant ramifications. The company could be fined up to $1.5 million. Clearly, you want to do all you can to avoid this. To help you out, we have put together a checklist that can give you a great start towards maintaining your HIPAA compliance.
The default firewalls supplied by ISPs are generally not sufficient. It is a good idea to upgrade your firewall to something more secure for an extra layer of protection. Even if it does meet the specifications of HIPAA, it should be updated to better secure your confidential information.
Most people have some sort of anti-virus, but unfortunately it is not always sufficient. Find solutions like Sophos that use a crypto-locker-blocker. This is what many of the top IT solution companies like Swift use, so you can trust it with your company.
Physical security is probably the most overlooked aspect of digital security. If your systems are physically accessible to anyone, then you are extremely vulnerable, even if you have top-notch firewalls and anti-virus software. In nurses’ offices, for example, staff often leave their computers logged on right in front of patients when they leave the room. Someone could easily stick a thumb drive in and extract data, or take pictures of the screen with their phone, and nobody would ever know. Use things like card readers and key-loggers to enhance security alongside an airtight IT policy.
While encryption is not yet required by HIPAA, it is gaining in popularity and will likely be required in the near future. It is worth taking the time to get ahead of this trend and prepare for any upcoming HIPAA changes. If someone were to get hold of some of your hardware, they could take it offsite, replace the hard drive, and get any information they wanted. If it’s encrypted, unless they have a supercomputer, they won’t be able to get any information out of it.
Privacy filters are one of the most inexpensive HIPAA requirements. They cost between $10-$15, so there is no reason that every computer near patients and customers shouldn’t have one. Of all the complicated HIPAA requirements, this one should be easily followed.
Password security is something that should be practiced in every aspect of your life, especially when you are trying to protect confidential information. There are many password protection tips out there, but simply having passwords with symbols, uppercase/lowercase letters, and numbers is a good start. Make sure you change these passwords often – every 3-4 weeks is a good rule of thumb.
Complying with HIPAA is obviously much more complicated than simply following this short checklist, but these items are a good place to start. Make sure that you’re familiar with HIPAA regulations and do all you can to protect your confidential information. Yet, to really ensure your security, contact Swift Systems and talk to one of our MSP specialists to help discuss the road to HIPAA compliance – and how we can bring you into safe waters.