HIPAA Security and Your Desktop - PowerPoint PPT Presentation

1 / 16

About This Presentation

Title:

HIPAA Security and Your Desktop

Description:

Number of Views:31

Avg rating:3.0/5.0

Slides: 17

Provided by: ctil

Category:

Tags: hipaa | desktop | malware | security

Transcript and Presenter's Notes

Title: HIPAA Security and Your Desktop

1
HIPAA Security and Your Desktop

2
What does HIPAA mean?

3
Reasons to get started on HIPAA Security Measures

Your Data is already at risk
It's all about best practices that should already
be in place.
It's going to be cheaper and easier to do now
than in the future.
Current HIPAA privacy rule initiatives require
it.
Like privacy, the proposed security rule is more
about business culture and processes than it is
about technology, however there are still things
in technology that we can do to help keep things
private.

4
Technical Safeguards

5
Things you can do to your desktop

Change passwords often
Automatic logoff After a pre-determined time of
inactivity (for example, 15 minutes), an
electronic session is terminated.
Privacy screens
Update Software virus, malware, operating system
User Account Types on Machine

6
Change Passwords

UVM is working on a policy regarding passwords
and changing them.
So what can you do in the meantime?
When selecting a password for anything always try
to mix alpha, numeric and special charaters.
Dont use common words
Change Password every year
Do not share passwords
Do not save fixed passwords in your Web browser
or electronic mail client when using a computer
or system or accessing a resource
Do not store your passwords in a computer file
Do not give out your password to someone over the
phone

7
Automatic Log Off

Set computer to Automatically log off if some one
gets up and leaves the computer unattended.
Standard is 15mins however for laptops running on
battery standard is 5 mins.
Use Window key the letter L to lock your
screen when you get up to walk away from your
computer, and trains others in your department to
do the same.

8
Hardware Considerations

Privacy Screens
Critical depending on location of where key
people looking at sensitive data sit. (Example
front desk)

Do not attached other equipment that can
compromise the network such as hubs, routers
without prior approval from CIT

9
Software, Virus Protection

10
Malware

What is malware? Hostile or Malicious Code
This is code that mines for your data on your
computer.
Key Targets and Objectives of Malicious Code To
mine your data and sell it to the highest bidder
as well as other uses
Countermeasure Tools and Techniques Spybot
Adware

Two types of Users on Machine
Administrator Access to all files on computer,
can install programs and can change settings
Limited Account Runs installed software, but
cant install software, Can only change settings
for their own login.
Know what kind of users use your machine

12
Storing your Sensitive Date

13
Storage Devices

Do not send your or someone elses Social
Security number or other confidential information
over email or keep printouts of that information
in an insecure capacity such as on your desktop
Do not download or post confidential information
on any publicly accessible computer (e.g., those
in computer labs, cyber cafés, libraries,
residence halls), to mobile computing devices
(laptops, personal digital assistants, iPods,
etc.) and/or to non-University-owned computers.

If you must download confidential information to
portable storage media (e.g., memory sticks, CDs,
diskettes), then ensure that the storage media
are secured in locked cabinets or desks on
University property and properly label the media.
Take special care in disposing of confidential
information when its storage is no longer
necessary, includingShredding paper copies of
any confidential information.
Erasing magnetic media (floppy disks, hard
drives, zip disks, etc.) with a degaussing device
or disk-wiping software.
Destroying CD ROM disks/shedders

16
Other Resources