When it comes to protecting patient health information and complying with HIPAA, your Las Vegas health organization is under more pressure than ever before. Nationwide, HIPAA noncompliance fines totaled $19.3 million in 2017. Penalties have increased more than 300% since 2015.
Passing a HIPAA inspection by the Health and Human Services (HHS) Office of Civil Rights (OCR) hinges on your network security. Las Vegas computer networking and cyber security experts recommend taking these five key steps now.
1. Set up your firewall or UTM with application-level inspection.
One of the most important aspects of network security is your firewall or Unified Threat Management (UTM) appliance. Your firewall or UTM should be set up to authenticate access for every application that works with patient data.
2. Configure your UTM to block outside file transfers and peer-to-peer exchanges.
Whenever a user attempts to transfer a file outside of a designated application, or to unapproved storage media, the action should be blocked. An unsecured device could lead to a costly data breach.
Even if an employee is attempting to transfer patient health information to another storage medium as part of legitimate job duties, the request needs to be denied in order to keep the information secure.
3. Create separate VLANs for HIPAA and non-HIPAA use.
One common networking mistake is setting up one-size-fits-all security. But if every endpoint communication is subject to deep packet inspection, it could slow down your network or interfere with the performance of certain enterprise apps.
There is a better solution recommended by IT security in Las Vegas: separate those users and endpoints who need access to patient health information from those who don't. Use your firewall to route traffic between VLANs. That way, you avoid slowing down your entire network.
4. Expand your storage to archive all firewall logs.
Because HIPAA regulations require you to log, audit, and monitor all access to patient health information, your storage needs will grow over time. Look for scalable and reliable Las Vegas cloud storage solutions that are secure for archiving medical data logs.
5. Get a network assessment before your next HIPAA audit.
According to the U.S. Department of Health & Human Services, 69% of HIPAA complaints result in corrective action. Noncompliance fines are rising sharply.
To minimize the risk of failing a HIPAA audit, get a network assessment from the Las Vegas cyber security experts. Intelligent Technical Solutions provides total security solutions to keep patient health information secure, make sure your organization stays HIPAA compliant, and help you avoid expensive fines.
To start your network assessment, contact ITS today.
Intelligent Technical Solutions is a Cybersecurity Company here in Las Vegas. We set up, maintain and secure the technology of small and mid-size businesses across the metro area. Our mission is to help businesses thrive by managing their technology. Contact us to get a 2 Hour FREE Network Assessment.