Encrypting USB drives, analyzing security risks, and implementing breach notification policies and procedures could mean the difference between compliance with the Health Insurance Portability and Accountability Act (“HIPAA”) and significant HIPAA penalties. Adult & Pediatric Dermatology, P.C. (“APDerm”), a Massachusetts dermatology practice, learned this lesson the hard way. APDerm reported that an unencrypted thumb drive containing the protected health information (“PHI”) of approximately 2,200 individuals was stolen from an APDerm staff member’s car.
You can read the full post, and view or subscribe to the blog, at http://www.healthlawgurus.com.