In 2016, we saw security breaches at some of the largest companies in the world, including Yahoo and Twitter. Beyond HIPAA’s security standards, keeping your records safe and out of the hands of potential hackers is something SMARTMD takes very seriously. That’s why security is the focus of this month’s newsletter.
We encrypt everything that moves between our servers and your browser or phone. Just visit HTTPS://SMARTMD.com/ to check for yourself. Look for a little green padlock icon in the address bar. This icon may look slightly different on browsers other than Google Chrome, but you will find it. You may also see that our URL has the letters “HTTPS” in front of it, instead of the usual “HTTP.” This means that your connection to our site is secure and encrypted.
Not only does this encryption mean no one can read the private data you are exchanging with us, but it also protects your data from being altered on its way. Secure HTTPS connections also make it harder for someone to “impersonate” our site and services. With HTTPS enabled, you can be sure that you’re visiting the real SMARTMD.com.
We hope you find the rest of this month’s newsletter interesting.
Nandip Kothari, CEO
Feature Highlight: The One Setting We Don’t Let You Change
Tap on the Settings icon and select Security Options in the SMARTMD App and you will find a list of settings you cannot change. These are the Global Encryption and Password settings that comply with HIPAA security standards and keep your data safe.
They are listed here for your reference, are ON by default, and, except for Passcode Lock, cannot be disabled. HIPAA requires all PHI on mobile devices to be encrypted using an AES 256-bit algorithm. This includes dictations, photos, reports and scanned documents.
Our mobile app takes care of safeguarding all those for you, so you spend more time with patients and less on compliance.
Personally and professionally, we are asked to provide passwords almost daily. Exactly how most of us select them is generally erratic at best and at worst, a discombobulated exercise in combining kindergarten metaphors, pet names, birthdates and some dubiously ergonomic pattern of letters and numbers from the keyboard. Even using sophisticated password software, the sheer number of passwords we are asked to juggle is unthinkable in a world where we no longer even commit commonly dialed phone numbers to memory.
A quick peek at the password manager I am using right now indicates it is currently storing 981 passwords—no doubt, mostly long-defunct access to free Tetris clones, Club Penguin and launch codes. But that is fodder for another day. After all, in most cases, a password is just a metaphorical key to a locked door.
You’ve made the decision to ditch your digital recorder. Before you download an app from the Apple iTunes Store to replace it, it’s worthwhile to take a moment to carefully consider HIPAA security standards. Remember, HIPAA security rules apply to any device (computer, tablet, or mobile phone) that manages patient records.
Here are 5 key security considerations required by HIPAA’s Privacy Rules. Make sure whatever solution you choose includes and addresses them.