DON’T DO IT! The dangers of Instant Messaging are well documented.  In addition to the fact that IM is hugely insecure, even the popular instant messaging services are now also vulnerable  to any viruses, scammers and other attacks. Learn more about what you and your company should be doing…

Instant Messaging (IM) is an increasingly popular form of electronic communication that enables users to exchange text-based messages and files over the Internet in real-time.

Similar to telephone communication except via computer, IM applications allow users to maintain a contact or “buddy” list of other users; alert users when anyone on their list is “online”; and create semi-private sessions where users can exchange messages and data with each other in real-time. Popular IM providers include AOL, MSN, Yahoo, Skype and ICQ.

IM is not secure and should not be used to communicate any confidential or sensitive information, especially electronic Protected Health Information (ePHI).

IM providers maintain and control user messages, logs and connection information on their servers. Although providers offer some degree of encryption, there have been instances of IM user logs being captured and used for unethical or criminal purposes.

IM is subject to “eavesdropping” and hackers can use IM as an entry point to compromise data residing on a computer. IM also serves as an entry point for viruses, worms, Trojans and other forms of malware.

Do not use IM to communicate any protected health information (PHI). In addition, IM applications should not be installed on any computer that contains or accesses systems containing ePHI.

For further information, please visit this Symantec article entitled Instant Insecurity: Security Issues of Instant Messaging.

The complete HIPAA Privacy, Security and Breach regulations are here.

Contact us for more information or to learn about a tailored Clearwater HIPAA Audit Prep WorkShop™ or the Clearwater HIPAA Audit Prep BootCamp™ series.

More HIPAA HITECH Resources:

The complete HIPAA Privacy, Security and Breach regulations are here.

Join our AboutHIPAA LinkedIn Group:
Follow us on Twitter
Subscribe to our eNewsletter
Attend a live educational webinar.

Series Navigation<< HIPAA Privacy and Security Reminders – Do Not Abuse Your Information System PrivilegesHIPAA Privacy and Security Reminders – Encryption is The Key to Privacy and Information Security >>

Bob Chaput

CEO at Clearwater Compliance
Bob Chaput is widely recognized for his extensive and in-depth knowledge of healthcare compliance and cyber risk management, and is one of the industry’s leading authorities in healthcare information security today. As a leading authority safeguarding health data, Chaput has supported hundreds of hospitals and health systems to successfully manage healthcare’s evolving cybersecurity threats and ensure patient safety.