Privacy and security are two topics that we think about all the time. Am I parked in a safe spot? What safeguards can I put in place to ensure my credit card number remains safe when I shop online? Are my passwords on social media strong enough?
While the questions above broach the topic of individual security, as business leaders we also need to think about how similar safeguards impact our companies and work. We must ask ourselves: Which safeguards do I need to put in place to ensure I do not expose health information?
At DHS Group, we are already thinking about those things and more as we approach and manage countless pieces of data and information on a daily basis. When you’re working with vendors, there are a few questions and notes to keep in mind:
Data and web security
- Do your vendors hold a SOC 2 Type II certification? Created by the American Institute of Certified Public Accountants (AICPA), the SOC 2 reports on the security, availability, processing integrity, confidentiality and privacy of an organization’s data and reports.
- How much care does the vendor put into the safety and security of their technology and internet connection?
- If there is any personal health information involved, HIPAA compliance is not just something that’s important – it’s required.
- Do the employees at the company you’re working with go through HIPAA training?
Read more about getting started with HIPAA, including learning the five basic rules and regulations for employers, and DHS’s all-employee HIPAA training program here.
- Devices should be high quality. Do your research – has a customer ever reported a case of physical harm from the product?
- Is the device software kept up to date? Software that lacks continuous updates can become prone to business continuity risks.
Read more about the steps DHS puts into place when it comes to the safety and security of its wellness programs and Movband here.