If you are a healthcare covered entity or a business associate to a healthcare provider you better get on your encryption game. If you have not done your risk assessment you better do that, too. Here is a good article on the topic of the HIPAA Omnibus Rule that took effect on March 26th, 2013. I will lead off with this quote from an article titled HIPAA Compliance in the Spotlight by Marianne Kolbasuk McGee who I have been following for years.
“Experts point out that the lack of timely risk assessment has also played a key role in organizations failing to take other important measures, such as widespread implementation of encryption. OCR's "wall of shame" website shows that of the 556 major breaches that have occurred since September 2009, more than half have involved the loss or theft of unencrypted computing devices (see: Breach Tally: Encryption Still an Issue).”
My team at Alvaka Networks has been working hard creating a family of managed HIPAA compliance oriented services to help you meet your regulatory obligations. I am proud of the new encryption service they created for our covered entity and business associate clients. Call or e-mail me if you have questions at 949 428-5005 or firstname.lastname@example.org.