The HIPAA Security Rule contains administrative safeguards in the form of security standards. One of these standards requires covered entities and business associates to implement a security awareness and training program for all workforce members. Implementation consists of (among other activities) developing procedures for guarding against, detecting, and reporting malicious software. The government has not “certified” any particular antivirus software program as the “HIPAA Antivirus Software” an organization must use. However, selection and use of antivirus software to serve as your HIPAA antivirus software, can play an important role in securing your network against malware.
What Does HIPAA Antivirus Software Do?
HIPAA compliant antivirus software protects against viruses and malware from being installed on a computer network. Malware can cause a breach of unsecured electronic protected health information, or ePHI.
The purpose of antivirus software for HIPAA (HIPAA antivirus software) is preventive. That is, antivirus software is deployed to prevent files containing viruses from being downloaded onto a computer. Antivirus software will attempt to prevent the virus from being activated, should the virus get downloaded onto your computer or placed in memory. If the file with the virus is not downloaded, the virus will not activate.
If the infected file is downloaded and then run, the virus becomes active. Put another way, a HIPAA compliant antivirus software’s protection-by-prevention cannot help at this point. Once the virus has been activated (viruses are typically activated accidentally, such as by clicking a bad URL link, or opening a virus-infected file attachment in an email), antimalware software – a malware remover – is needed to remove the active virus. Malware removers also can remove inactive malware that is hidden and lurking on the computer. This malware can be hidden because it was not detected by the antivirus software in the first instance.
How Does Antivirus Software Actually Work?
Antivirus software works by running in the background as a user operates a computer. The software checks every file that is opened. This type of background scanning goes by different names, including on-access scanning, real-time protection, or resident scanning. Different software manufacturers may use different names to describe this type of software.
When a user activates a .exe (“executable”) file (a file that opens a program), the antivirus software checks the program that is launched, comparing the program to known viruses and malware. In addition, the antivirus software performs what is called a heuristic check, which is a check of the launched program to determine if it displays signs indicating a new, previously unknown virus.
Antivirus programs scan other types of files, such as .zip archives files and Word documents. .zip archive files may contain compressed viruses while Word documents may contain malicious macros.
Antivirus software can perform full system scans in addition to on-access scans. Full disk scans are useful when repairing an infected computer. That computer’s hard drive can be repaired by inserting the hard drive in another computer, and performing a full-system scan for viruses. In this way, a hard drive can safely be determined to be “clean.”
