Are you in Texas offering remote monitoring services?
Stuart R. Crawford / Stuart Crawford
Ulistic is a member of a very active HIPAA focused LinkedIn group. Over the past few days and interesting discussion around remote access and IT companies offering remote monitoring.
What got my attention was how the MSP or IT consulting firm was reporting the loss of data when a former employee started deleting files through the clinics remote access. In accordance to HIPAA rules.
What is unclear to me is this. Was the employee released an actual former employee of the MSP?
A question was raised on remote monitoring and if the IT firm or managed services provider had a “security license”. One of the group members mentioned that in some states IT firms who offer or perform remote monitoring must have a security license. Now, I am now expert at this so I asked the group for additional information and this is what I received.
Jerry Webb • @Stuart, the privacy laws vary from state to state so you will need to check each states privacy laws you plan on offering services to (some are more strict than others). In Texas (where I reside), you will most definitely need to obtain a security license to offer monitoring services in the situation stated above by Donna. In the above example, if this were to have happened in Texas, the owner of the new IT company would have been fined by the state or serve jail time depending on the situation, and the medical practice that hired this company to perform such work without a license would have also been fined. Texas is dead serious about it and they don’t hold back any punches when it comes to this stuff; I’ve seen it first hand through companies I do business with.
Love to hear from you. Does your IT consulting firm or MSP have a security license when offering remote monitoring services?