Meet us at HxRefactored

by Morgan Brown May 8, 2014

TrueVault will be at HxRefactored in Brooklyn, New York on May 14-15. Our CEO Jason will be speaking on Wednesday in the HIPAA and Data Security for developers track. His talk, “Decoding HIPAA for Developers” is focused on helping application developers and hardware engineers understand the ins-and-outs of HIPAA compliance for mobile apps, wearable technology and more. If you’re building a new mobile or web app, or software for new wearable devices you’ll want to put this session on your...

Read More

Need a Hand with TrueVault? AirPair Can Help!

by Morgan Brown March 1, 2014

TrueVault is excited to participate in AirPair's premium support program, which allows our customers to work with trusted TrueVault experts on complex API integrations and similar engagements. Airpair gives developers instant access to the world's best software engineering experts via online screensharing and video chat. There are lots of places that let non-engineers hire engineers one-off for low quality projects like oDesk, but Airpair is one of the few and the best that let developers...

Read More

Here's How to Keep Your Mobile Data Secure

by Morgan Brown January 15, 2014

More than 4.4 million phones were stolen or lost in 2013, according to Consumer Reports. With 70.4% of missing phones the result of theft, there is a lot of personal data floating around in the wrong hands. So how can you keep your phone data safe? Follow these nine tips to keep your personal data safe and secure, even if your phone is stolen. Keeping Mobile Data Safe Set a lock screen password.

Read More

What is the penalty for a HIPAA violation?

by Morgan Brown January 9, 2014

HIPAA violations are expensive. The penalties for noncompliance are based on the level of negligence and can range from $100 to $50,000 per violation (or per record), with a maximum penalty of $1.5 million per year for violations of an identical provision. Violations can also carry criminal charges that can result in jail time. Fines will increase with the number of patients and the amount of neglect. Starting with a breach where you didn’t know and, by exercising reasonable diligence, would...

Read More

HIPAA Compliant File Storage for Healthcare

by Jason Wang January 8, 2014

TrueVault can offer you HIPAA compliant storage for any file format. This is not just a file backup or cloud storage solution. Our BLOB Store was designed from the ground up to integrate with mobile applications, web apps, and wearable devices. File uploads, downloads, updates, and deletes are all accessible via a REST(ful) API. When TrueVault launched in September of 2013 we released HIPAA compliant storage for JSON Documents. In December 2013 we launched our BLOB Store.

Read More

Who Certifies HIPAA Compliance?

by Jason Wang January 4, 2014

The short answer is no one. Unlike PCI, there is no one that can “certify” that an organization is HIPAA compliant. The Office for Civil Rights (OCR) from the Department of Health and Human Services (HHS) is the federal governing body here. And, HHS does not endorse or recognize the “certifications” made by private organizations. There is an evaluation standard in the Security Rule § 164.308(a)(8), and it requires you to perform a periodic technical and non-technical evaluation to make sure...

Read More

How do I become HIPAA compliant? (a checklist)

by Jason Wang October 30, 2013

A little housekeeping before we answer the question. This article is not a definitive list of what is required for HIPAA compliance; you should assign a Privacy Officer to review each rule in its entirety. This article is intended to point you in the right direction. So you have determined that you are handling protected health information (PHI) and that you need to be HIPAA compliant. What’s next? What steps need to be taken in order to become HIPAA compliant?

Read More

HIPAA Physical Safeguards Explained, Part 2

by Jason Wang October 27, 2013

In a previous blog post titled, HIPAA Physical Safeguards Explained, Part 1, we covered the basics of the HIPAA Physical Safeguards and the first of four standards of the HIPAA Security Rule. In this post, we’ll cover the remaining three standards: Workstation Use, Workstation Security and Device and Media Controls. If you skipped part 1 of the series, you should read that first. Otherwise, Let’s dive right in. The Workstation Use standard states your entity must define what each workstation...

Read More

Do I Need To Be HIPAA Compliant?

by Jason Wang October 13, 2013

If you handle what’s called protected health information (PHI), then this is an important question to be asking because HIPAA violations can result in some serious penalties. What is PHI you ask? Good question. PHIis any information in a medical record that can be used to identify an individual, and that was created, used, or disclosed in the course of providing a health care service, such as a diagnosis or treatment.

Read More

HIPAA Physical Safeguards Explained, Part 1

by Jason Wang October 10, 2013

Update 10/27/2013: You can read part 2 of this series here Physical Safeguards are a set of rules and guidelines outlined in the HIPAA Security Rule that focus on the physical access to Protected Health Information (PHI). In contrast, Administrative Safeguards focus on policy and procedures, while Technical Safeguards focus on data protection. When we think about PHI, we typically think about the digital form of PHI: database records, PDF patient files, and MRI scan images.

Read More

Latest Posts

What happens after a data breach?

Privacy by design: Key philosophy of GDPR

Does GDPR apply to my company?

Introduction to GDPR

Mailing List