If It Fits, You Must Encrypt (Part II)

June 24, 2011
In a post several months ago (see "If It Fits, You Must Encrypt"), I discussed the Nevada statute that will require Nevada businesses that store or

In a post several months ago (see "If It Fits, You Must Encrypt"), I discussed the Nevada statute that will require Nevada businesses that store or use information of any individual to being encrypting customer information that they send electronically (other than by fax) on October 1, 2008. The movement towards legally required encryption took another step forward last month in Massachusetts.

Massachusetts adopted regulations on September 22 that will require businesses that store or use information about Massachusetts residents, to implement comprehensive information security programs by January 1, 2009. The new regulations make Massachusetts the second state to mandate reasonable security practices for all businesses, after California.

While covered entities subject to the HIPAA Security Rule should have already implemented an information security compliance program, the Massachusetts regulations may raise the bar a bit in certain areas. For example, the Massachusetts regulations require encryption of personal information stored on laptops or transmitted across public or wireless networks. Under the HIPAA Security Rule, encryption of PHI is an "addressable€VbCrLf implementation specification, but is not required.

For healthcare organizations, the new Massachusetts regulations are yet another reason why a comprehensive, formal information security compliance program is highly advisable €¦ and (depending on your business and the states you're operating in) it may be the law.

Sponsored Recommendations

Going Beyond the Smart Room: Empowering Nursing & Clinical Staff with Ambient Technology, Observation, and Documentation

Discover how ambient AI technology is revolutionizing nursing workflows and empowering clinical staff at scale. Learn about how Orlando Health implemented innovative strategies...

Enabling efficiencies in patient care and healthcare operations

Labor shortages. Burnout. Gaps in access to care. The healthcare industry has rising patient, caregiver and stakeholder expectations around customer experiences, increasing the...

Findings on the Healthcare Industry’s Lag to Adopt Technologies to Improve Data Management and Patient Care

Join us for this April 30th webinar to learn about 2024's State of the Market Report: New Challenges in Health Data Management.

Findings on the Healthcare Industry’s Lag to Adopt Technologies to Improve Data Management and Patient Care

2024's State of the Market Report: New Challenges in Health Data Management