Tips for Working from Home Securely

In the field of healthcare, keeping protected healthcare information (PHI) secure and private is necessary for compliance. HIPAA has specific rules about how PHI can be stored and shared. As the world deals with a changing workforce dynamic, you may be wondering what working from home securely looks like. As a company that began as being completely remote and still has the majority of its workforce in this model, we wanted to share how we work securely every day.

How to Master Working from Home Securely

Follow these tips to ensure safe and secure data practices.

Educate employees on HIPAA rules

All your employees should participate in HIPAA training at the beginning of their employment with an update at least annually. What do your employees need to know? Check out our HIPAA compliance checklist for employees.

Provide VPN access

Deploying a VPN keeps data secure as it moves from core systems to remote employees. A VPN adds another layer of security, which hides the user’s IP address, encrypts data while in transit, and masks the user’s location. Every remote employee that has access to PHI should be using a VPN.

Keep data security protection up to date

All the layers of security on your network must be updated as needed to ensure patch installation. This includes virus checkers, firewalls, and device encryption. 

Define rules on passwords

The 2019 Verizon Data Breach Investigation Report (DBIR) found that 80% of hacking-related breaches were the result of compromised and weak employee passwords. To mitigate this risk, you should develop password guidelines. Further, you should use a password manager to act as a digital vault, such as 1Password. You can also promote greater security with two-factor authentication.

Maintain software updates

Every software or application that your company uses that interacts with PHI should be kept updated. Activate automatic updating to devices to ensure nothing gets missed. These updates are imperative to ensuring your software is safe to use.

Use the cloud

The cloud has proven to be a much more secure way to store, share, and manage data. If you are still using on-site servers, they are actually more vulnerable. We partner with Flexential, as our trusted data center. They host all our servers and are a top-tier, national colocation provider. Their certifications include PCI DSS, HIPAA compliance, HITRUST CSF, SOC 1, 2 & 3 Type 2, ISO 27001, NIST 800-53, EU-U.S. privacy shield framework, and ITAR.

Develop and maintain your business continuity plan

Having a business continuity plan is a must for any healthcare organization. Beyond just including the steps for disaster recovery, business continuity planning defines how you’ll keep running. It should consist of your data backup protocols and what you’ll do to keep workers and assets protected. 

Working from Home Securely: Keep Your Business Safe and Up

As the new normal begins to shift, working from home is essential to keep your employees safe and your business running. If you haven’t established a plan for this, start with these vital tips.