Health Insurance Portability And Accountability Act

A collection of 2 Posts

Who should be held accountable for risk management and cybersecurity in healthcare institutions?

I’ve been involved in building many life-critical and mission-critical products over the last 25 years and have found that, finally, cybersecurity is getting the kind of attention it deserves. We’re slowly and steadily moving from “HIPAA Compliance” silliness into a more mature and disciplined professional focus on risk management, continuous risk monitoring, and actual security tasks concentrating on real technical vulnerabilities and proper training of users (instead of just “security theater”).

Given the number of breaches we’ve seen this summer at healthcare institutions, I’ve just spent a ton of time recently on several engineering engagements looking at “HIPAA compliant” encryption (HIPAA compliance is in quotes since it’s generally meaningless). Since I’ve heard a number of developers say “we’re HIPAA compliant because we encrypt our data,” I wanted to take a moment to unbundle that statement and make sure we all understand what that means.


© 2023 Netspective Media LLC. All Rights Reserved.

Built on Jan 17, 2023 at 9:26am