HIPAA Handbooks

  • Privacy and security training for new and seasoned staff
  • 11 staff/setting focus areas
  • Education on protecting PHI
  • New HITECH Act changes
  • Discounts on bulk purchases

More»

E-learning

  • Role-based training using real-life case scenarios
  • Test-your-knowledge exercises with remediation
  • Post-course test to document staff participation

More»

Other HIPAA Resources

  • Hot-topic audio conferences
  • Books on privacy and security
  • Newsletters
  • e-Newsletter
  • Videos


More»

Mar
13

HIPAA Q&A: Networking computers

Email This Post Print This Post

questionsSubmit your HIPAA questions to Editor Jaclyn Fitzgerald at jfitzgerald@hcpro.com and we will work with our experts to provide the information you need.

Q: Does HIPAA permit organizations to network computers internally or externally? For example, can a CE link two computer systems within the organization or between the organization and another CE or BA to exchange information? If so, what is the most secure way to accomplish this?

A: HIPAA is technology neutral and does not prohibit networking computers internally or externally. If networking internally, the organization should ensure it has a strong perimeter (i.e., installing and regularly updating a firewall and anti-malware). If networking to an external computer, the CE should establish a secure method of communication (e.g., using a virtual private network, secure web, or some other method of ensuring the patient data is encrypted when it travels outside of a closed or secure network).

Editor’s note: Chris Apgar, CISSP, president of Apgar & Associates, LLC, in Portland, Oregon, answered this question for HCPro’s Briefings on HIPAA. This information does not constitute legal advice. Consult legal counsel for answers to specific privacy and security questions.

Categories : HIPAA Q&A

Leave a Reply