
@ShahidNShah
Given the number of breaches we’ve seen this Summer at healthcare institutions, I’ve just spent a ton of time recently on several engineering engagements looking at “HIPAA compliant” encryption (HIPAA compliance is in quotes since it’s generally meaningless). Since I’ve heard a number of developers say “we’re HIPAA compliant because we encrypt our data” I wanted to take a moment to unbundle that statement and make sure we all understand what that means. Cryptology in general and encryption specifically are difficult to accomplish; CISOs, CIOs, HIPAA compliance officers shouldn’t just believe vendors who say “we encrypt our data” without asking for elaboration in these areas:
When you look at encrypting data, it’s not just “in transit” or “at rest” but can be in transiting or resting in a variety of places.
If you care about security, ask for the details.
Shahid Shah is an internationally recognized enterprise software guru that specializes in digital health with an emphasis on e-health, EHR/EMR, big data, iOT, data interoperability, med device connectivity, and bioinformatics.
Connecting innovation decision makers to authoritative information, institutions, people and insights.
Medigy accurately delivers healthcare and technology information, news and insight from around the world.
Medigy surfaces the world's best crowdsourced health tech offerings with social interactions and peer reviews.
© 2023 Netspective Media LLC. All Rights Reserved.
Built on Jan 17, 2023 at 9:26am