• Home
  • Practice Focus
    • Facial Plastic/Reconstructive
    • Head and Neck
    • Laryngology
    • Otology/Neurotology
    • Pediatric
    • Rhinology
    • Sleep Medicine
    • How I Do It
    • TRIO Best Practices
  • Business of Medicine
    • Health Policy
    • Legal Matters
    • Practice Management
    • Tech Talk
    • AI
  • Literature Reviews
    • Facial Plastic/Reconstructive
    • Head and Neck
    • Laryngology
    • Otology/Neurotology
    • Pediatric
    • Rhinology
    • Sleep Medicine
  • Career
    • Medical Education
    • Professional Development
    • Resident Focus
  • ENT Perspectives
    • ENT Expressions
    • Everyday Ethics
    • From TRIO
    • The Great Debate
    • Letter From the Editor
    • Rx: Wellness
    • The Voice
    • Viewpoint
  • TRIO Resources
    • Triological Society
    • The Laryngoscope
    • Laryngoscope Investigative Otolaryngology
    • TRIO Combined Sections Meetings
    • COSM
    • Related Otolaryngology Events
  • Search

Why HIPAA, Protected Health Information Cybersecurity Best Practices Are Critical in COVID-19 Era

by Steven M. Harris, Esq. • October 19, 2021

  • Tweet
  • Click to email a link to a friend (Opens in new window) Email
Print-Friendly Version
© PopTika / shutterstock.com

© PopTika / shutterstock.com

When the first COVID-19 case was recorded, it was difficult to appreciate the extent to which cybersecurity concerns, particularly in connection with the protection of patient healthcare data, would enter into mainstream consciousness. Although many practices and healthcare organizations have recently adopted additional measures to safeguard patients’ protected health information (PHI) through expanded cybersecurity monitoring, remote working conditions and the use of electronic communications pose a security risk and can create access points for cyber criminals that could result in a breach.

You Might Also Like

  • Avoid Data Breaches, HIPAA Violations When Posting Patients’ Health Information Online
  • Department of Health and Human Services’ Final Rule Expands HIPAA Obligations, Violation Penalties
  • Senate Bill Targets Medical Device Cybersecurity
  • Internal Due Diligence Review Critical for Physician Practices
Explore This Issue
October 2021

Further, with more employees than ever working remotely, it’s critical to ensure that physical spaces like offices, warehouses, and other sites and facilities are properly secured to prevent unauthorized access, use, or disclosure of PHI or other sensitive information.

To protect against these heightened risks, implementing the Health Insurance Portability and Accountability Act (HIPAA) and PHI cybersecurity best practices related to technical and physical security is critical.

Infrastructure and Corporate Policies/Procedures

Federal law provides a technical safeguard framework for covered entities and business associates to implement in connection with access to PHI. Relevant guidance includes the following key elements of significant importance in the COVID-19 era.

  • Access control. Implement technical policies and procedures for electronic information systems that maintain electronic PHI to allow access only to those persons or software programs that have been granted access rights as specified in §164.308(a)(4) of HIPAA.
  • Unique user identification (required). Assign a unique name and/or number for identifying and tracking user identity.
  • Emergency access procedure (required). Establish (and implement as needed) procedures for obtaining necessary electronic PHI during an emergency.
  • Automatic logoff (addressable). Implement electronic procedures that terminate an electronic session after a predetermined time of inactivity.
  • Encryption and decryption (addressable). Implement a mechanism to encrypt and decrypt electronic PHI.

Organizations have flexibility, particularly with the addressable requirements, in how they implement these security protocols. These addressable concerns are particularly important in the COVID-19 era given the rise in the use of telehealth.

With patient screenings being conducted through the use of online portals and virtual meeting rooms, patient data are being both stored and disseminated through online network channels, email, and other telecommunications modes. As a result, access control, encryption, and automatic logoff are particularly important.

Although these considerations have always been significant, these safeguard elements are connected to scenarios that were less frequently contemplated prior to the rise of telehealth. Consider the following:

Pages: 1 2 3 4 | Single Page

Filed Under: Departments, Legal Matters Tagged With: COVID19, cybersecurityIssue: October 2021

You Might Also Like:

  • Avoid Data Breaches, HIPAA Violations When Posting Patients’ Health Information Online
  • Department of Health and Human Services’ Final Rule Expands HIPAA Obligations, Violation Penalties
  • Senate Bill Targets Medical Device Cybersecurity
  • Internal Due Diligence Review Critical for Physician Practices

The Triological SocietyENTtoday is a publication of The Triological Society.

Polls

Have you invented or patented something that betters the field of otolaryngology?

View Results

Loading ... Loading ...
  • Polls Archive

Top Articles for Residents

  • Applications Open for Resident Members of ENTtoday Edit Board
  • How To Provide Helpful Feedback To Residents
  • Call for Resident Bowl Questions
  • New Standardized Otolaryngology Curriculum Launching July 1 Should Be Valuable Resource For Physicians Around The World
  • Do Training Programs Give Otolaryngology Residents the Necessary Tools to Do Productive Research?
  • Popular this Week
  • Most Popular
  • Most Recent
    • Otolaryngologists as Entrepreneurs: Transforming Patient Care And Practice

    • The Dramatic Rise in Tongue Tie and Lip Tie Treatment

    • Rating Laryngopharyngeal Reflux Severity: How Do Two Common Instruments Compare?

    • Physician Handwriting: A Potentially Powerful Healing Tool

    • Continued Discussion And Engagement Are Essential To How Otolaryngologists Are Championing DEI Initiatives In Medicine

    • The Dramatic Rise in Tongue Tie and Lip Tie Treatment

    • Rating Laryngopharyngeal Reflux Severity: How Do Two Common Instruments Compare?

    • Is Middle Ear Pressure Affected by Continuous Positive Airway Pressure Use?

    • Otolaryngologists Are Still Debating the Effectiveness of Tongue Tie Treatment

    • Complications for When Physicians Change a Maiden Name

    • Physician Handwriting: A Potentially Powerful Healing Tool
    • Leaky Pipes—Time to Focus on Our Foundations
    • You Are Among Friends: The Value Of Being In A Group
    • How To: Full Endoscopic Procedures of Total Parotidectomy
    • How To: Does Intralesional Steroid Injection Effectively Mitigate Vocal Fold Scarring in a Rabbit Model?

Follow Us

  • Contact Us
  • About Us
  • Advertise
  • The Triological Society
  • The Laryngoscope
  • Laryngoscope Investigative Otolaryngology
  • Privacy Policy
  • Terms of Use
  • Cookies

Wiley

Copyright © 2025 by John Wiley & Sons, Inc. All rights reserved, including rights for text and data mining and training of artificial technologies or similar technologies. ISSN 1559-4939