A partner in the Philadelphia offices of Reed Smith LLP, Brad Rostolsky practices in the firm’s Life Sciences Health Industry Group. Focused primarily on health care regulatory and transactional law, Brad Rostolsky advises clients on information privacy and security compliance under the Health Insurance Portability and Accountability Act (HIPAA).
Because HIPAA directly addresses the need for security in electronic transmission of health-related information, allowing employees to work from home includes the need for companies to take various steps to ensure privacy and security. Companies typically start by assessing their risk, whether employees use a cloud-based system or tap directly into the network. Companies should also implement security protocols at the computer level, such as installing antivirus software and scheduling regular security updates.
Once a company implements security procedures for employees working from home, it should continually monitor the security of its systems and audit employees for compliance. The company must keep a careful log of employees who work from home, which allows for efficient updates of security software and connectivity practices. Implementing policies that address the actual manner in which employees/workforce members interact with the company's system is also critical.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.