{"id":2630,"date":"2013-09-18T00:00:00","date_gmt":"2013-09-18T00:00:00","guid":{"rendered":"http:\/\/otava.test\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/"},"modified":"2013-09-18T00:00:00","modified_gmt":"2013-09-18T00:00:00","slug":"the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/","title":{"rendered":"The \u2018What, Why, How and Who\u2019 of Data Encryption for HIPAA and Meaningful Use Compliance"},"content":{"rendered":"
\"Brian
Brian Balow<\/figcaption><\/figure>\n

Before law school, Brian Balow studied journalism for five semesters of his undergraduate years, so using an adaptation of the reporting axiom \u2018who, what, where, when, why and how\u2019 was a logical way to break down the points in his recent \u2018Tuesdays at 2\u2019 webinar, Removing the ‘Cryptic’ from ‘Encryption’ – HIPAA and the Meaning of Secure PHI<\/a>.<\/p>\n

And because the former cum laude graduate of the University of Georgia School of Law is now a leading attorney concentrating his practice at Dickinson Wright PLLC in the areas of information technology \u2013 and a valued contributor to Online Tech\u2019s series of educational webinars<\/a> \u2013 his arbitrary arrangement of that axiom was deemed admissible by the court of public opinion.<\/p>\n

Here is what you can expect to learn by viewing a replay of the 51-minute presentation about Protected Health Information (PHI) and data encryption as it relates to HIPAA and Meaningful Use compliance (available here<\/a>):<\/p>\n

    \n
  1. What (requires protection)?<\/li>\n
  2. Why (is protection important)?<\/li>\n
  3. How (should it be protected)?<\/li>\n
  4. Who (should encrypt)?<\/li>\n<\/ol>\n

    That\u2019s a lot of questions that need to be answered, something Balow noted when he was \u2018doing a little historical digging\u2019 into the legislative history and language around HIPAA in preparation for the webinar.<\/p>\n

    \u201cIt\u2019s interesting and a little disappointing that when you look back even in 1996, there was a focus on the electronic exchange of health information. They knew this was the wave of the future even back then,\u201d Balow said. \u201cFast forward to September of 2013 and we\u2019re still talking about issues that pertain to electronic health records, and how they\u2019re protected, and Meaningful Use to try to incentivize organizations and providers to adopt records. So we\u2019re coming up on 20 years and we\u2019re still working on this stuff.\u201d<\/p>\n

    A summarized recap of the presentation follows. For complete details, view the recording<\/a> and download slides<\/a> for access to resource links.<\/p>\n

    What (requires protection)?<\/strong><\/p>\n

    Protected Health Information (PHI) must be protected. Balow covered the long, legalese definition, but said it comes down to this: Any electronic health information that identifies an individual or can be used to identify an individual must be encrypted.<\/p>\n

    Balow notes that there is a lot of overlap between HIPAA, Meaningful Use and other personally identifiable information (PII)-centered laws such as state data breach notification laws, the PCI Data Security Standard, the Gramm-Leach-Bliley Act, etc. \u201cThe point being,\u201d Balow said, \u201cIf it\u2019s individually identifiable information in the healthcare industry, it\u2019s likely PII in other industries, as well.\u201d<\/p>\n

    Why (is protection important)?<\/strong><\/p>\n

    Balow covered the HIPAA Enforcement Rule, Security Rule and Breach Notification Rule in depth. He notes the security rule \u201cis the part of HIPAA that really has caused most of the noise over the last nine months since the final rule came out, because there was a host of business associates out there who suddenly were directly liable \u2026 who did not have the administrative, technical and\/or physical safeguards in place that were required of them.\u201d<\/p>\n

    Cited in the webinar is Office for Civil Rights statistics that show 9,411 investigations resolved in 2012, a number Balow says is an increase from zero not many years ago. He also covers HIPAA civil money penalties resulting from failure to encrypt.<\/p>\n

    Balow points out that one reason to encrypt data is because the Breach Notification Rule requires notification of a breach only after unsecured<\/span> protected health information. Electronic PHI becomes secured through the adoption of encryption techniques approved by HIPAA regulations.<\/p>\n

    \u201cPutting aside the potential civil money penalties \u2013 which are not insignificant \u2013 if you are dealing with unsecured PHI and have a breach, you have the added cost of hiring a lawyer or using internal resources to do an analysis and prepare the notices and figure out everyone you have to track down. Keep in mind you\u2019ll probably have to do that with state data breach notification laws and potential federal trade commission issues related to your privacy policy. As well as the bad publicity that goes with it. If I encrypt, I need not worry about this.\u201d<\/p>\n

    Balow also describes how the use of encryption to reach Meaningful Use, Stage 2 status is more focused on end-user device encryption, such as laptops, flash drives and mobile hardware.<\/p>\n

    How (should it be protected)?<\/strong><\/p>\n

    For HIPAA compliance, encryption is the use of an algorithmic process to transform data into a form in which there is a low probability of assigning meaning without use of a confidential process or key and that process or key must be stored separate from the data. Any process must be judged to meet National Institute of Standards and Technology (NIST) standards.<\/p>\n

    Noting he\u2019s an attorney and not a technology expert, Balow pointed to an Online Tech resource to help answer this question: \/blog\/encrypting-data-to-meet-hipaa-compliance<\/a><\/p>\n

    The Centers for Medicare & Medicaid Services, who deem Meaningful Use status, also emphasize the importance of organizations \u2018including in its security risk analysis an assessment of the reasonable and appropriateness of encrypting electronic protected health information as a means of securing it, and where it is not reasonable and appropriate, the adoption of an equivalent alternative measure.\u2019<\/p>\n

    Translation, counselor?<\/p>\n

    \u201cI think what they\u2019re really saying is, if you are properly performing a HIPAA security risk analysis \u2013 which you are required to do if you are a covered entity or a business associate \u2013 then whatever conclusion you reach as it pertains to encryption under that regime should suffice under the meaningful use regime,\u201d Balow said.<\/p>\n

    Balow also took a moment to suggest finding additional information on the U.S. Department of Health and Human Services<\/a> and\u00a0 the Centers for Medicare and Medicaid Services<\/a> websites.<\/p>\n

    \u201cThey\u2019ve done a lot of work, gone through a lot of effort, to put resources and information on their websites to help people in the industry to understand and comply with what is now required under HIPAA and with respect to the Meaningful Use regulations,\u201d Balow said.<\/p>\n

    Who (should encrypt)?<\/strong><\/p>\n

    Balow said he has been guilty in the past of making broader statements in certain contexts as it relates to \u2018who should encrypt?\u2019 than really are appropriate. \u201cIt\u2019s an easy conclusion to reach, why wouldn\u2019t we encrypt?\u201d Balow said. \u201cBut it is not necessarily a one size fits all. Context does matter.\u201d<\/p>\n

    He notes encryption is one of many tools to protect data, and is not required in all environments. A \u2018wild example:\u2019 A doctor in the Upper Peninsula of Michigan who only takes cash and has all paper records doesn\u2019t need to encrypt.<\/p>\n

    Beyond that, and some other less unusual examples, Balow said that if you are an Eligible Professional (EP), Eligible Hospital (EH) or Critical Access Hospital (CAH), the likelihood is that encryption makes sense to achieve Meaningful Use status.<\/p>\n

    \u201cThe way that I read the regulations is that if you want to meet Stage 2, you are going to encrypt,\u201d Balow said. \u201cIt would probably be a rare case where you could get out of Stage 2.\u201d<\/p>\n

    Even those organizations that don\u2019t take Medicare and Medicaid \u2013 and therefore aren\u2019t interested in Meaningful Use compliance \u2013 still need to make a serious risk assessment, he said. He noted the previously-mentioned Breach Notification Rule alone may be enough to drive a decision to encrypt.<\/p>\n

    \u201cYou are still subject to HIPAA as a covered entity or a business associate. You don\u2019t care about Meaningful Use, but you still need to do that Security Rule risk assessment that will guide your decision on whether to encrypt,\u201d he said. \u201cRemembering it\u2019s an addressable standard and you have to prove why you shouldn\u2019t encrypt \u2013 why your technical safeguards, physical safeguards and administrative safeguards are sufficient so additional steps are not required.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

    Before law school, Brian Balow studied journalism for five semesters of his undergraduate years, so using an adaptation of the reporting axiom \u2018who, what, where, when, why and how\u2019 was a logical way to break down the points in his recent \u2018Tuesdays at 2\u2019 webinar, Removing the ‘Cryptic’ from ‘Encryption’ – HIPAA and the Meaning of Secure PHI. And because the former cum laude graduate of the University of Georgia School of Law is now a leading attorney concentrating his practice at Dickinson Wright PLLC in the areas of information technology \u2013 and a valued contributor to Online Tech\u2019s series of educational webinars \u2013 his arbitrary arrangement of that axiom was deemed admissible by the court of public opinion. Here is what you can expect to learn by viewing a replay of the 51-minute presentation about Protected Health Information (PHI) and data encryption as it relates to HIPAA and Meaningful Use compliance (available here): What (requires protection)? Why (is protection important)? How (should it be protected)? Who (should encrypt)? That\u2019s a lot of questions that need to be answered, something Balow noted when he was \u2018doing a little historical digging\u2019 into the legislative history and language around HIPAA in preparation…<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"other_category":[],"class_list":["post-2630","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"yoast_head":"\nThe \u2018What, Why, How and Who\u2019 of Data Encryption for HIPAA and Meaningful Use Compliance | OTAVA<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The \u2018What, Why, How and Who\u2019 of Data Encryption for HIPAA and Meaningful Use Compliance\" \/>\n<meta property=\"og:description\" content=\"Before law school, Brian Balow studied journalism for five semesters of his undergraduate years, so using an adaptation of the reporting axiom \u2018who, what, where, when, why and how\u2019 was a logical way to break down the points in his recent \u2018Tuesdays at 2\u2019 webinar, Removing the ‘Cryptic’ from ‘Encryption’ – HIPAA and the Meaning of Secure PHI. And because the former cum laude graduate of the University of Georgia School of Law is now a leading attorney concentrating his practice at Dickinson Wright PLLC in the areas of information technology \u2013 and a valued contributor to Online Tech\u2019s series of educational webinars \u2013 his arbitrary arrangement of that axiom was deemed admissible by the court of public opinion. Here is what you can expect to learn by viewing a replay of the 51-minute presentation about Protected Health Information (PHI) and data encryption as it relates to HIPAA and Meaningful Use compliance (available here): What (requires protection)? Why (is protection important)? How (should it be protected)? Who (should encrypt)? That\u2019s a lot of questions that need to be answered, something Balow noted when he was \u2018doing a little historical digging\u2019 into the legislative history and language around HIPAA in preparation...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/\" \/>\n<meta property=\"og:site_name\" content=\"OTAVA\" \/>\n<meta property=\"article:published_time\" content=\"2013-09-18T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/brian-balow.jpg\" \/>\n<meta name=\"author\" content=\"Irma Brillantes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irma Brillantes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/\"},\"author\":{\"name\":\"Irma Brillantes\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\"},\"headline\":\"The \u2018What, Why, How and Who\u2019 of Data Encryption for HIPAA and Meaningful Use Compliance\",\"datePublished\":\"2013-09-18T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/\"},\"wordCount\":1306,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/brian-balow.jpg\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/\",\"url\":\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/\",\"name\":\"The \u2018What, Why, How and Who\u2019 of Data Encryption for HIPAA and Meaningful Use Compliance | OTAVA\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/brian-balow.jpg\",\"datePublished\":\"2013-09-18T00:00:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#primaryimage\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/brian-balow.jpg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/brian-balow.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.otava.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The \u2018What, Why, How and Who\u2019 of Data Encryption for HIPAA and Meaningful Use Compliance\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.otava.com\/#website\",\"url\":\"https:\/\/www.otava.com\/\",\"name\":\"OTAVA\u00ae\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.otava.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.otava.com\/#organization\",\"name\":\"OTAVA\u00ae\",\"url\":\"https:\/\/www.otava.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"caption\":\"OTAVA\u00ae\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\",\"name\":\"Irma Brillantes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"caption\":\"Irma Brillantes\"},\"url\":\"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"The \u2018What, Why, How and Who\u2019 of Data Encryption for HIPAA and Meaningful Use Compliance | OTAVA","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/","og_locale":"en_US","og_type":"article","og_title":"The \u2018What, Why, How and Who\u2019 of Data Encryption for HIPAA and Meaningful Use Compliance","og_description":"Before law school, Brian Balow studied journalism for five semesters of his undergraduate years, so using an adaptation of the reporting axiom \u2018who, what, where, when, why and how\u2019 was a logical way to break down the points in his recent \u2018Tuesdays at 2\u2019 webinar, Removing the ‘Cryptic’ from ‘Encryption’ – HIPAA and the Meaning of Secure PHI. And because the former cum laude graduate of the University of Georgia School of Law is now a leading attorney concentrating his practice at Dickinson Wright PLLC in the areas of information technology \u2013 and a valued contributor to Online Tech\u2019s series of educational webinars \u2013 his arbitrary arrangement of that axiom was deemed admissible by the court of public opinion. Here is what you can expect to learn by viewing a replay of the 51-minute presentation about Protected Health Information (PHI) and data encryption as it relates to HIPAA and Meaningful Use compliance (available here): What (requires protection)? Why (is protection important)? How (should it be protected)? Who (should encrypt)? That\u2019s a lot of questions that need to be answered, something Balow noted when he was \u2018doing a little historical digging\u2019 into the legislative history and language around HIPAA in preparation...","og_url":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/","og_site_name":"OTAVA","article_published_time":"2013-09-18T00:00:00+00:00","og_image":[{"url":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/brian-balow.jpg","type":"","width":"","height":""}],"author":"Irma Brillantes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Irma Brillantes","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#article","isPartOf":{"@id":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/"},"author":{"name":"Irma Brillantes","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263"},"headline":"The \u2018What, Why, How and Who\u2019 of Data Encryption for HIPAA and Meaningful Use Compliance","datePublished":"2013-09-18T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/"},"wordCount":1306,"commentCount":0,"publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"image":{"@id":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#primaryimage"},"thumbnailUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/brian-balow.jpg","inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/","url":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/","name":"The \u2018What, Why, How and Who\u2019 of Data Encryption for HIPAA and Meaningful Use Compliance | OTAVA","isPartOf":{"@id":"https:\/\/www.otava.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#primaryimage"},"image":{"@id":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#primaryimage"},"thumbnailUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/brian-balow.jpg","datePublished":"2013-09-18T00:00:00+00:00","breadcrumb":{"@id":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#primaryimage","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/brian-balow.jpg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/brian-balow.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.otava.com\/blog\/the-what-why-how-and-who-of-data-encryption-for-hipaa-and-meaningful-use-compliance\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.otava.com\/"},{"@type":"ListItem","position":2,"name":"The \u2018What, Why, How and Who\u2019 of Data Encryption for HIPAA and Meaningful Use Compliance"}]},{"@type":"WebSite","@id":"https:\/\/www.otava.com\/#website","url":"https:\/\/www.otava.com\/","name":"OTAVA\u00ae","description":"","publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.otava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.otava.com\/#organization","name":"OTAVA\u00ae","url":"https:\/\/www.otava.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","caption":"OTAVA\u00ae"},"image":{"@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263","name":"Irma Brillantes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","caption":"Irma Brillantes"},"url":"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/2630","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/comments?post=2630"}],"version-history":[{"count":0,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/2630\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/media?parent=2630"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/categories?post=2630"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/tags?post=2630"},{"taxonomy":"other_category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/other_category?post=2630"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}