Zix Blog

Office for Civil Rights Comments on Strong Authentication for HIPAA

Thu, 11/17/2016 - 01:15 by Dena Bauckman
On November 7, 2016, the Office for Civil Rights (OCR), the Health and Human Services (HHS) office responsible for enforcing the Health Insurance Portability and Accountability Act (HIPAA), issued its latest newsletter titled “What Type of Authentication is Right for You?” In the newsletter, the OCR focuses on the risk of weak authentication as a cause of recent healthcare-related cybercrimes. The OCR suggests that covered entities and business associates conduct an enterprise-wide risk assessment and consider implementing stronger authentication to protect electronic personal...
Read More

Email Data Loss Prevention with ZixQuarantine

Tue, 11/15/2016 - 11:00 by Cathy Kingeter
The average number of business emails sent per user, per day rose to 34 in 2015*. With each “Send” comes potential risk of sensitive and confidential information leaving your organization. All it takes is a quick tap. An employee sends an email, but to the wrong person or accidently attaches a file containing confidential information that should not be sent. It is easy to see how it happens, and once an email leaves your secure network, there are few options to fix the issue. Unfortunately there are also situations where an employee sends email for malicious reasons. Whether...
Read More

Customer Spotlight: Highland District Hospital Trusts Zix with Email Security

Wed, 06/15/2016 - 10:54 by ZixCorp
With the Health Insurance Portability and Accountability Act (HIPAA) Audit Program in Phase 2 , HIPAA compliance is top of mind right now for healthcare providers and business associates that manage and exchange protected health information (PHI). Combine the audit program with a rise in healthcare data breaches , amounting to the loss of $6.2 billion per year , and it’s no wonder healthcare organizations are looking for and sticking with reliable, easy-to-use data security solutions. That’s why Highland District Hospital signed a five-year contract renewal for ZixGateway . As a...
Read More

Survey Reveals Massive Losses in Healthcare Breaches

Mon, 05/16/2016 - 11:09 by ZixCorp
Over the weekend I read this study from the Ponemon Institute revealing that not only have nearly 90% of U.S. health businesses suffered data breaches during these past two years, but also the losses amount to a jaw-dropping $6.2 billion per year. It’s Ponemon’s sixth annual report on the privacy and security of protected healthcare data, looking both at covered entities (CE) and, for the first time, business associates (BA) as defined by HIPAA and section 45 CFR 160.103 of the Federal Regulations . The inclusion of BAs in the Ponemon study is timely: according to David Holtzman...
Read More

Spring Has Sprung and It’s Brought HIPAA Audits along with It

Mon, 04/25/2016 - 13:11 by ZixCorp
If you’re a member of the healthcare community, then you’ve probably seen the news: The U.S. Office for Civil Rights (OCR) announced that it has rolled out Phase 2 of the Health Insurance Portability and Accountability Act (HIPAA) Audit Program, which will lead to hundreds of reviews of covered entities and their business associates. So what does this all mean? Thanks to the adoption of electronic health records, the sheer volume of sensitive patient data that is handled by healthcare organizations and their business associates has exploded. So there is only one thing that can be...
Read More

Study Finds Doctors Not Using Encrypted Email

Thu, 12/10/2015 - 10:45 by Neil Farquharson
I’ve just been reading a paper from the Canadian Journal of Diabetes . It describes a study of doctors using – or in this case not using – email to communicate with their patients, and the study’s conclusions surprised me. It seems that many doctors are avoiding using email to communicate with patients because they believe that email is not only insecure, but also because patients may find it too difficult to decrypt these emails. I thought: what a bizarre point of view. One of the authors of the study, Doctor Doreen Rabi was quoted by a local news agency saying...
Read More

Are You Ready for Your OCR HIPAA Audit?

Mon, 12/07/2015 - 11:10 by Neil Farquharson
Jocelyn Samuels, the Director of the OCR has confirmed that Phase Two of the HIPAA compliance audits will be commencing in early 2016 and that organizations need to prepare if they have not done so already; and according to HIPAA Journal , business associates will not be excluded from the audits this time. The ori ginal audits – Phase One – were aimed at educating covered entities and particularly in educating them. They did include companies who appeared on the OCR Wall of Shame as covered in this Zix webinar , but not typically companies that suffered breaches with less than 500 patient...
Read More

Customer Spotlight – ZixCorp Gives Boost of Confidence to Trinity Health

Tue, 10/27/2015 - 07:58 by ZixCorp
In today’s healthcare industry, it’s not uncommon to find workplaces where the burden of security decisions falls squarely on the shoulders of employees — specifically when it comes to whether or not information transmitted by email should be encrypted. This decision — which could have lasting consequences for a company — is a complex one that could not only expose a patient’s protected health information (PHI) but also be a violation of HIPAA. With sensitive information regularly changing hands among patients, healthcare providers and insurers, each email...
Read More

The Latest HIPAA Settlement Is Eye-Catching

Wed, 07/15/2015 - 12:05 by ZixCorp
On Monday, Joseph Conn published an article for Modern Healthcare highlighting a recent HIPAA settlement between St. Elizabeth's Medical Center and the Office for Civil Rights (OCR), which as most of you know enforces the HIPAA Privacy Rule . Settlements with the OCR and breaches on its “Wall of Shame” are so frequent that it’s easy to ignore the latest news, but this particular article caught our eye when reporting: The settlement involved “a relatively rare enforcement area, Internet-based file-sharing services” Insight from Adam Greene, a well-known...
Read More

New Survey Reveals Concerns with Security of Healthcare Information

Fri, 06/12/2015 - 10:38 by ZixCorp
Are healthcare organizations doing a good job of complying with HIPAA and ensuring the privacy and security of patient data? According to the 2015 Healthcare Information Security Today Survey, published today, an overwhelming majority of respondents – 79 percent - were confident or very confident their organization would “pass” a Department of Health and Human Services HIPAA compliance audit. That indicates they believe they’re making all the right moves. But are they really? While the forty-page survey confirms that most organizations are fulfilling the requirements of HIPAA, and the HITECH...
Read More


Subscribe to RSS - HIPAA

Switching to Zix Just Got Better

50 percent or more off your first year when you switch to Zix Email Encryption by Feb. 28, 2017, from an eligible competing solution.

Learn More