Manage Learn to apply best practices and optimize your operations.

HIPAA violation examples: The five most common mistakes

Kristen Lee
News Writer
4/6

Healthcare data security: Lack of transmission security, encryption

Source:  yogysic/iStock
Visual Editor: Sarah Evans

When it comes to healthcare data security, OCR said that the three main areas of error are the lack of encryption, lack of transmission security and the use of unpatched or unsupported software.

OCR said that all HIPAA-covered entities must either implement encryption or document why encryption is not reasonable and appropriate in a particular circumstance. From there, the entity must implement reasonable compensating healthcare data security controls.

Encrypting data in transit is also a requirement, OCR said. This is important, for example, in relation to mobile in healthcare.

And finally, healthcare organizations' use of unpatched or unsupported software creates a healthcare data security risk on systems that access ePHI. However, with patch management technologies, it is possible to automatically update and patch software.

View All Photo Stories

Join the conversation

1 comment

Send me notifications when other members comment.

Register

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What processes do you have in place to avoid healthcare data security issues?
Cancel

-ADS BY GOOGLE

SearchCompliance

SearchCIO

SearchCloudComputing

SearchMobileComputing

SearchSecurity

SearchStorage

Close