A Secure StandardThe Health Insurance Portability and Accountability Act (HIPAA) of 1996 pushed the U.S. Department of Health to create national regulations in handling electronic health information. Its rules say that healthcare businesses should ensure that the electronic PHI they store, create, and transmit is confidential and protected against improper alteration or destruction. Here are measures you can take to uphold this standard.
- Keep Your Site Data Backed-Up – All PHI on your site and servers should be backed up securely, either through a trusted cloud storage service or encrypted and password-protected external drives. It’s also important to use a website data capture program to keep records of your webpage’s content. This way, you’ll have authentic information to review and present, in case your company faces litigation from regulators.
- Encrypt Your Site- Protect your client or patient data by getting your website a secure sockets layer (SSL) certificate. SSL ensures that your site’s connection to your clients’ device is encrypted. This means that the sensitive information that your users input on your site, like passwords, social security numbers, and credit card information, won’t be readable by third parties, like hackers.
- Keep Deals in Writing – When you’re working with other businesses, be it vendors or a digital marketing agency, the HIPAA requires you to create a written contract that outlines the amount of PHI they have access to. It also requires your business partners to safeguard the data they may access from you. If you’re unsure how to draft a contract, the Department of Health & Human Services offers a template you can use.