I love going to the local coffee shop for a change of scenery, especially now that the weather is so nice here in North Carolina! I’m sure this is pretty common for most folks. The great thing about these places, besides a good cup of coffee, is the free public WiFi access. This is a great up sell for all of these establishments, and we can stay in contact with our office without actually having to be there… But, there are a few things you should think about before you surf and upload information with abandon.
Most major websites are going to have a properly applied SSL/TLS license. This Secure Socket License and Transport Layer Security is how your computer authenticates what site(s) you are on and encodes the information you put on these sites. This is so your neighbor can’t read your information in transit. That’s right, if you’re not encrypting your information in transit, it’s possible for an enterprising individual to see all your information go flying by and grab what they want.
This is why we have spent so much time talking about encryption when it comes to HIPAA – because, if you don’t have a properly encrypted data stream, your information is ripe for the picking. So, what do you do when you go to the local coffee shop or library, and you need to view your information?
Here are some handy tips to keep your PHI safe when accessing the internet via public wifi in order to comply with HIPAA.
1. Don’t send PHI or personal information over unsecured networks. If it can wait until you get home or back to work, then wait.
2. Make sure that any sites you surf have a valid SSL/TLS certificate. This means a green lock on your address bar, and the address will start with HTTPS:// instead of http://. (For those of you that didn’t see the difference, it’s all about the s as in HTTPS for Security) If it doesn’t have that lock, you should probably think twice about being there in the first place and you definitely shouldn’t be putting any of yours or your client’s information on this site!
3. Make sure you are encrypting any information you send,
4. Surfing a website is not a problem as long as you don’t reveal any information about yourself.
5. Look into using VPN, or Virtual Private Network, when you’re on public networks. This gives you a secure tunnel for transmitting your data. Your IT professional will be able to set this up fairly quickly. It can slow down your surfing a little, but it’s worth it for the extra security it will give you. .
6. Try to avoid the extra sugary items. This has nothing to do with security, but who needs the extra calories, right?
Stay HIPAA Compliant Friends!
