
In a word, yes. HIPAA section 164.308 requires covered entities to “implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level.” Is it reasonable to have employees’ potentially leaving unencrypted laptops in the back seats of taxi cabs with private data on them? Of course not! The scenario of stolen, […]