Does spyware and adware qualify as 'malicious software' under the HIPAA rules?

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

The security rules of HIPAA mention "malicious software" and the need to prevent it from gaining access to information systems containing PHI. Most people I talk to on the subject think it only applies to computer viruses and are not aware of the security, privacy and stability issues involved with spyware and adware. Do you feel that spyware and adware qualify as "malicious software" under the HIPAA rules? The HIPAA Security Rule defines malicious software is defined as "software, for example, a virus, designed to damage or disrupt a system." To answer your specific question, yes, I think spyware and adware definitely falls in this category. No one but the marketing companies and other malicious outsiders benefit from spyware and adware. In fact, many organizations are harmed, and the security and privacy of PHI and other confidential information are breached every day from this stuff. Therefore, you should address and handle this malware just like any virus, worm or Trojan horse. There are some great shareware and commercial products out there to help fill this void that typical antivirus software doesn't cover. For more info on this topic, please visit these SearchSecurity.com resources:

Best Web Links: Health care/health services

Security Policies Tip: HIPAA -- Points to consider

Executive Security Briefing: instilling a HIPAA mindset

This was last published in October 2003

Dig Deeper on HIPAA

SearchCloudSecurity

Free Malware protection and removal information

Prevent and defend against spyware infection

Spyware glossary

Malware overview: the full details

Please create a username to comment.

Defining and evaluating SOC as a service

Get to know the elements of Secure Access Service Edge

Boost security with a multi-cloud workload placement process

CloudGenix-Palo Alto buy combines SD-WAN with cloud security

A deep dive into the differences between 5G and Wi-Fi 6

Maintaining network infrastructure in a pandemic and beyond

C-suite executives offer advice on working remotely during pandemic

How IT can build an agile business partnership

Former Cisco CEO offers C-suite leadership tips in time of crisis

How to evaluate on-premises vs. cloud-based MDM, UEM

How CMT, MDM and EMM merged into UEM software

How to enable and troubleshoot fast startup in Windows 10

5 tips that can lead to Azure cloud management success

Explore the pros and cons of cloud computing

How to protect and manage Azure Pipelines secrets with Key Vault

Coronavirus: The role of AI in the ‘war’ against epidemics and pandemics

Coronavirus: Magecart attacks on online retailers jump 20%

What the Court of Appeal referrals mean to those who campaigned for justice for subpostmasters

Related Resources

Dig Deeper on HIPAA

Free Malware protection and removal information

Prevent and defend against spyware infection

Spyware glossary

Malware overview: the full details

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.