Per the Security Rule, each covered entity must ensure the confidentiality, integrity and availability of EPHI that it creates, receives, maintains or transmits; and must protect PHI against reasonably anticipated uses or disclosures that are not permitted by the Privacy Rule.
1.
Do you protect data files sent within your organization?
Yes
54
71%
No
22
29%
76
100%
2.
If so, how?
Password protected
36
65%
File encryption
22
40%
Transport security
21
38%
Server-based file permissions
36
65%
3.
Do you protect files, including transcription files, sent to any external organization?
Yes
68
89%
No
8
11%
76
100%
4.
If so, how?
Password protected
25
37%
File encryption
53
78%
Transport security
22
32%
Server-based file permissions
18
26%
5.
Does your organization protect data on portable devices?
Yes
59
80%
No
15
20%
74
100%
6.
If so, how?
Password protected
54
90%
Encrypted hard drive
9
15%
Encrypted files
11
18%
7.
Does your organization use forensic software to track potential electronic HIPAA breaches?
Yes
21
28%
No
53
72%
74
100%
TRANSCRIPTION:
8.
Is transcription outsourcing to transcription services companies, who in turn, outsource your transcription to vendors overseas, a security concern for you?
Yes
10
14%
No
60
86%
70
100%
9.
If your organization has voice data collection, storage, and retention, are you retaining voice data files (source data)?
