Encryption's Role in Breach PreventionAn Updated Risk Analysis Will Lead to Broader Encryption Use
As a result, the HITECH Act's electronic health record incentive program could prove to be a powerful encryption catalyst, the regulatory compliance expert says. That's because those applying for incentive payments must conduct an updated risk assessment and take action to remediate any risks identified.
"Many organizations are going to find once they go through a risk analysis that encryption is a good security solution for them," she says.
In an interview, Leopard also:
- Stresses that a key to winning the support of senior executives for widespread use of encryption is to portray the investment as critical to preventing breaches and avoiding reputational harm. She advises security professionals to describe an encryption investment as "something we need to be doing to stay off the front page of the newspaper."
- Discusses the breach-prevention value of encrypting data on mobile devices as well as using secure e-mail and virtual private networks;
- Describes how to work with business associates to make sure they're applying encryption to protect patient information.
Leopard is a partner at Bradley Arant Boult Cummings, based in the firm's Nashville office. A former hospital executive, she advises clients on a variety of strategic issues. She has more than 25 years of healthcare experience, including serving as vice president at academic medical center and community hospital settings.