That includes times like when a device is lost or stolen, or when an employee is terminated. It comes down to knowing what’s happening with your sensitive files. HIPAA requires full audit trails for PHI, but it’s a good practice for any organization. Encryption can also protect data integrity, making it impossible to modify files without access to the file’s specific encryption keys. The right approach will be transparent, so that the extra layer of protection doesn’t require a convenience compromise.įile-level encryption makes it easier to associate every modification, copy, access, or share operation made to encrypted files with a particular user. They also provide a roadmap for how a business should evaluate the strength of a particular solution.Įncryption should form the basis of any strategy to protect insured parties’ information. It’s true that risks associated with the cloud are broader than HIPAA compliance, but those rules help put threats in context. Data from the Ponemon Institute suggests that more than 80 percent of breaches are due to employee mistakes including lost devices and accidental sharing. Mistakes are an important consideration in this context, because user errors are far more likely to cause breaches than hackers. In recent years, the Office of Civil Rights has announced plans to increase its audits – as well as scrutinize business associates like insurance companies. But all that is changing with recent updates to the law, including The Health Information Technology for Economic and Clinical Health (HITECH) Act, requiring that insurers handling protected health information comply – leaving many struggling to catch up, if they’re thinking about it at all.Įven for agents who only occasionally touch this sensitive data – such as when it’s necessary to obtain a full health history to settle claims – HIPAA compliance and its labyrinth of rules for securing data suddenly come into play. The fact that medical records are becoming electronic carries more opportunities for mistakes.įor a long time, privacy regulations under the Health Insurance Portability and Accessibility Act (HIPAA) didn’t exactly apply to property/casualty insurers. It’s no surprise that medical data has captivated the interest of bad actors when you consider that medical records can fetch more than 10 times as much as financial data on the black market. Their oversight might be seen as crucial catch-up, given that it’s coming at a time when breaches are disproportionately capturing healthcare records. Those protections are gradually increasing to address the progress of technology. The convenience of the cloud demands stronger protections to prevent sensitive data from falling into the wrong hands. With more than 4.5 million smartphones lost or stolen in the United States in 2013 according to Consumer Reports, it’s not difficult to imagine a scenario in which a lost laptop, tablet, or phone undermines clients’ security. But this proliferation of files leaves data unprotected on many devices. Shared networks sit at the heart of cloud computing, meaning that when someone backs up data in one place, like a desktop, it syncs to a host of other devices. It’s also making agents better prepared, ready to address issues as they crop up and respond to inquiries in real time. The right tools are making it possible to be as efficient out in the field as you can be from the office. The cloud helps unlock the full potential of mobile devices, making information available whenever and wherever agents find themselves. The right tools are making it possible to be as efficient out in the field as you can be from the office.Īs consumers grow increasingly comfortable with enterprise-quality technologies like Dropbox, they’re bringing a new set of expectations to the table: Namely, that agents are as efficient and responsive as they’re able to be.
0 Comments
Leave a Reply. |