Scientific rehab facility is dealing with a compliance closing date for HIPAA privateness laws, and that may be an issue, says a cybersecurity pilot fish running there.
“The HIPAA laws are strewn with attainable problems,” fish says. “When some facet is not adopted and a affected person’s knowledge privateness is compromised, the fines can also be considerable.”
And that is the reason the headache fish faces on account of his facility’s use of Gmail. Because the website’s cybersecurity engineer, fish is aware of that bizarre Gmail is not HIPAA compliant.
Thankfully, there is a repair — one who comes to further forms and agreements, along side some added safety verification. However that is nonetheless more straightforward and no more advanced than transferring everybody off Gmail.
So fish works to verify all HIPAA necessities and business requirements are met. After a radical seek of to be had documentation, he creates a to-do listing for the roadmap to verify the ability has the entirety as a way to agree to HIPAA.
And fish has the CTO’s repeated assurances that all of the vital steps had been taken and adopted in keeping with HIPAA.
There may be only one downside: “After requesting required File A 4 instances and required File B thrice — and given previous problems with the CTO — it turned into more and more obvious that not one of the paintings had in reality been carried out,” sighs fish.
“And with out that documentation, if anything else dangerous have been to occur, everybody can be pointing at me…”
File your true story of IT existence for Sharky. Ship your tale to me at firstname.lastname@example.org. You’ll be able to additionally touch upon these days’s story at Sharky’s Google+ neighborhood, and skim 1000’s of serious outdated stories within the Sharkives.
Get Sharky’s outtakes from the IT Theater of the Absurd delivered without delay on your Inbox. Subscribe now to the Day-to-day Shark E-newsletter.