Are your ePHI file transfers secure enough?

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on reddit

The $218,400 fine in the US case of St. Elizabeth’s Medical Center, Massachusetts (SEMC) is only the latest reminder of the importance of ensuring file transfers are safe. In that case, the hospital’s handling of files was deemed so poor that the fine was levied even though there was no evidence of an actual breach.

The SEMC staff were using an Internet-based document sharing application to store electronic protected health information (ePHI) without having analyzed the associated risks. ePHI was also found on an employee’s personal laptop and flash drive.

IT departments know that employees not provided with a secure option to transfer files will likely find a workaround. And that solution might well be unsafe. The best way to improve security is for IT itself to bring in a secure file transfer system that:

  1. Is easy for employees to use. (So they have no incentive to work around it.)
  2. Meets regulatory requirements and industry best practice.

What qualities should a secure file transfer system have?

1. Encryption in transit and at rest

Files are not only vulnerable in transit. They can also be attacked while they are sitting on your system. Files at rest must be encrypted as well as the files that are moving.

2. Intended recipients only

Files are safer if intended recipients have to identify themselves before accessing the file. This way it does not matter if the email announcing the availability of the file is intercepted.

3. Think like a library

3a– Limit time

A file, like a library book, does not need to be available to the recipient forever. Set limits on how long a file is available for download.

3b– Know who has what

A best-practice secure file transfer system will include an audit trail showing not just who sent a file but to whom and onto what devices that file was moved. Log every action. This information helps identify breaches and gives certainty about what information was compromised if any.

4. Digital health warnings

When files, like people, move back and forth between different environments, it is more likely an infection will enter the population. Files should be thoroughly scanned for malware when they arrive on the system and before they are accessible.

5. A matter of policy

When your choice of secure file transfer system is made, incorporate the conditions of its use into a policy. This should not be just as a compliance checkbox exercise. It should be backed by regular training.

More to explore

Introducing VMware vSphere 6.7!

We are excited to share that today VMware is announcing vSphere 6.7, the latest release of the industry-leading virtualization and cloud

2 thoughts on “Are your ePHI file transfers secure enough?”

  1. A secret weapon for anyone who needs content. I dont need to tell you how important it is to optimize every step in your SEO pipeline. But unfortunately, its nearly impossible to cut out time or money when it comes to getting good content. At least thats what I thought until I came across Article Forge. Built by a team of AI researchers from Stanford, MIT, Carnegie Mellon, Harvard, Article Forge is an AI content writer that uses deep learning models to research, plan out, and write entire articles about any topic with the click of a button. Their team trained AI models on millions of articles to teach Article Forge how to draw connections between topics so that each article it writes is relevant, interesting and useful. All their hard work means you just enter a few keywords and Article Forge will write a complete article from scratch making sure every thought flows naturally into the next, resulting in readable, high quality, and unique content. Put simply, this is a secret weapon for anyone who needs content. I get how impossible that sounds so you need to see how Article Forge writes a complete article with the Click Here:👉

  2. 👉 $5,000 FREE EXCHANGE BONUSES BELOW 📈 👉 PlaseFuture FREE $3,000 BONUS + 0% Maker Fees 📈 + PROMOCODE FOR NEWS USERS OF THE EXCHANGE 👉 [M0345IHZFN] — 0.01 BTC 👉 site: Our site is a secure platform that makes it easy to buy, sell, and store cryptocurrency like Bitcoin, Ethereum, and More. We are available in over 30 countries worldwide.

Leave a Comment