Health IT tip of the day: Encrypt or destroy data for HIPAA compliance

Staff -

The basic requirements for HIPAA and HITECH Act compliance can be achieved two ways: data encryption or data destruction.

Cam Roberson, director of the reseller channel for Beachhead Solutions in San Jose, Calif.: The law requires electronic personal health information must be rendered "unusable, unreadable, or indecipherable to unauthorized individuals." Health organizations handling ePHI should possess both capabilities — thorough encryption to protect exposed data from being read, and the ability to remotely destroy data when a device containing ePHI falls into the wrong hands.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.