Virtru Blog

Is Outlook HIPAA Compliant?

A HIPAA Business Associate Agreement (BAA) isn’t just a way to be extra-sure your partner is protecting your customer’s privacy or complying with HIPAA — it is the bare minimum required by law. With a few exceptions (such as your ISP), everyone who has access to your patient’s information needs to sign a BAA, including […]

December 22, 2016 | HIPAA
HIPAA Compliant Cloud — Beyond the BAAs

With the second round of HIPAA Phase 2 Audits ending around the New Year, many organizations are holding their breath. The third round moves from mere desk audits to more comprehensive site visits, but assuming you’re not picked, you’re out of the woods, right? Not exactly. The Office of Civil Rights gets nearly 20,000 complaints […]

November 24, 2016 | Email Encryption, HIPAA
New Guide: Email Encryption for Government Organizations

With new cybersecurity breaches happening each week, governments know online data can become vulnerable, but it can be a real challenge to determine exactly when and how to keep this sensitive data protected. Which email compliance regulations apply? What encryption do cloud email providers enable by default — and is that enough? How can you ensure […]

September 30, 2016 | CJIS, HIPAA
Do I Need a HIPAA Compliant Email Service? A Business Associate Guide

At the start of the Phase 2 HIPAA Audits, the Office of Civil Rights (OCR) launched a major string of enforcement actions. In addition to imposing the largest HIPAA settlement to date ($5.55 million), they levied their first business associate penalty — a $650,000 fine for a breach that affected a mere 412 patients. The […]

September 19, 2016 | HIPAA
HR, HIPAA and Email: Requirements for Employee Health Data

The days when only the medical industry had to worry about HIPAA compliance are over. With the Phase 2 HIPAA audits underway, the Office of Civil Rights (OCR) has made it clear that any industry or department that stores or processes healthcare data is on the hook — including HR. Failing to adequately protect employee […]

September 6, 2016 | HIPAA
Secure Client Portals: An Idea Whose Time Has Come (and Gone!)

No one becomes a doctor, lawyer or finance professional to worry about security. However, data breaches have become a major occupational hazard for a wide range of industries. The news is filled with massive leaks and costly settlements on a daily basis. And often, professionals who were never trained in IT security are the ones […]

July 7, 2016 | HIPAA
Is It a HIPAA Breach Notification or a Close Call?

If you work in the health industry, then making sure your business is HIPAA complaint is at the top of your priority list. A simple mistake like mistyping an email address can breach electronic Protected Health Information (ePHI), with devastating consequences. Something as simple as a typo can ignite an investigation, potentially leading to expensive […]

July 5, 2016 | HIPAA
The 5 Worst HIPAA Business Associate Agreement Mistakes

Many healthcare providers treat a HIPAA business associate agreement like a mere formality. They draft a HIPAA compliance checklist to carefully verify access control, training and other factors, then leave it to legal to send off BAAs to partners as part of the contract paperwork. But you’re responsible for safeguarding Protected Health Information (PHI), even […]

June 30, 2016 | HIPAA
Enforcing HIPAA Email Rules Just Got Easier

By itself, email encryption can help to prevent HIPAA violations caused by hackers, but not those caused by user error. Even a trained user can accidentally type in the wrong address or attach the wrong file, forward an email chain without noticing there’s PHI in it, or simply forget to encrypt the message. Virtru HIPAA compliant […]

June 21, 2016 | HIPAA
Webinar: Electronic Devices in Healthcare — Ensuring HIPAA Compliance in Your Practice

As incredibly useful as electronic devices are, they can pose massive security risks to organizations. Understanding best practices for the use of electronic devices in healthcare is a challenge that requires proactive and careful implementation of policies and procedures as well as extensive employee training. Not sure where to start? Watch below, as Jason Karn […]

June 13, 2016 | HIPAA