Wooden lock surrounded by wooden people to depict HIPAA Security

Get Hip to HIPAA – Four Technology Tips for Keeping Information Safe

Risk Management, Student Health

Your personal medical information is a hot commodity.

According to a survey from Accenture, “one in four U.S. consumers have had their medical information stolen.” Interestingly, much of the stolen information is used to buy medical equipment, bill for medical care, and fill prescriptions. This is known as medical identity theft, and is a much more lucrative industry than financial identity theft.

The Health Insurance Portability and Accountability Act (HIPAA) is a series of regulations aimed at keeping medical information private and secure. HIPAA training is required annually by employees of companies who could have access to Protected Health Information (PHI).

In addition to helping you keep students’ medical information safe, here are some great ways students can keep their own information safe. Informing students of the risk of medical identity theft and teaching them how to keep their own information secure can be just as important as teaching them of the risks of financial identity theft.

Here are four tips for keeping medical information safe.

1.Encrypt Your Emails

Using an email encryption service will make sure the message can only be read by its intended recipient. There are various types of encryption that can be used to meet the current standards, such as an AES 128, 192, or 256-bit encryption. Your IT Department or a third-party service would typically manage this for you, so they should be able to tell you exactly which type you use. Some email providers will require you to encrypt emails individually. If this is the case, it may be safer to choose to encrypt all emails so one with PHI is not missed.

2. Only use secure devices and connections

Unprotected networks and devices are easy targets for experienced hackers. It may seem like a nice idea to connect to the Wi-Fi at your coffee shop while sipping on your favorite latte but be sure not to do it when handling PHI.

3. Don’t store PHI on USBs
Last year, a company in Puerto Rico was fined $2.2 million dollars after a USB with PHI from over 2-thousand individuals was stolen. Ouch! Needless to say, the risk of losing a USB or other similar storage devices is just not worth the risk.

4. Keep your logins secure

Creating a login password can be a frustrating process! At times it seems there are about 100 requirements just to create a login. By creating that indecipherable combination of letters, numbers, and characters, you’re doing your part in keeping the data secure. Although you might be tempted to write the password down to remember it, make sure you do it in a secure manner. Sticky notes on your desk and Word documents titled Important Passwords are a big no-no. One way to keep passwords logged is to use a Password Manager. Here are some of the available services you can use.

It can also be frustrating to sign back onto your desktop every time you leave your desk. However, keeping your computer password protected and locking it when you away is another vital component of keeping information safe.