Topics covered in this newsletter include Communicating Trending Scams, and Updates to the Information Access Control Policy and the Payment Card Industry (PCI) Security Awareness Policy.
Communicating About IT Security
Beyond Phishing
Topics covered in this newsletter include Phishing, Spear Phishing, Vishing, and Smishing.
Working Securely From Home
This seems to be a very opportune time to remind everyone about how to work securely fromhome. You: First and foremost, technology alone cannot fully protect you; you are the…
General Right & Information Included in the Right of Access: The “Designated Record Set”
General Right The HIPAA Privacy Rule generally requires organization’s health plans and most health care providers (Covered Entities) to provide individuals, upon request, with access to the protected health information…
State Law Pre-emption & Permitted Uses and Disclosures: Exchange for Health Care Operations
State Law Pre-emption State laws that are contrary to the HIPAA regulations are pre-empted by the federal requirements, which means the federal requirements will apply. “Contrary” means it would be…
Storage Security & Mobile App Security
Storage Security An end user device is a personal computer (desktop or laptop), individual device (e.g., personal digital assistant [PDA], smart phone, etc.), or removable storage media (e.g., USB flash…
Right to Confidential Communication & Threat
Right to Confidential Communication Accommodate reasonable requests for communications to individuals by alternative means or at alternative location: Some individuals may prefer communications through unencrypted e-mails; Other individuals may not…
Install a Personal Firewall & Keep a Clean Machine
Install a Personal Firewall A firewall detects any unexpected incoming connections from the Internet or unexpected outgoing connections o the Internet. These connections may be used to send information from…
Issues Related to De-Identification & Install Anti-Virus Software (“AV”)
Issues Related to De-Identification De-identifying PHI according to HIPAA Privacy Rule may enable many research activities; however, the HIPAA Privacy Rule recognizes researchers may need access to, and the ability…
Personal Password Security & Potential HIPAA Security Violations
Personal Password Security Recent hacking events at retail stores and financial institutions have made us more aware about protecting our personal passwords. How often do you change passwords for your…
Sandy Lindsey
Chief Information Security Officer
Information Technology Services
The University of Tennessee
Institute of Agriculture