Most ePHI breaches come from one or two vulnerabilities: employee errors or loss/theft of a device. Employee errors occur when effective training is missing, and they fall victim to social engineering, for example, and allow the bad actors in. Another way ePHI is compromised is when a device, such as a laptop, tablet, or phone that has access to ePHI, is lost or stolen. This is a frequent occurrence. However, if all data is encrypted, then it will be unreadable, and therefore unusable. Current HIPAA regulations do not require encryption, but it is an accepted safeguard.

Pin It on Pinterest

Share This