MACRA Deadline Approaching – Schedule your SRA today!

In an effort to help medical practices maximize their Medicare reimbursements by meeting MACRA requirements, Third Rock is offering a 20% discount for our Security Risk Assessment package if you schedule your SRA with Third Rock by December 8th. Our tool, CompassDB, makes doing an SRA fast and easy. Our package offer includes: ✓ Security Risk Assessment and detailed report ✓ A Security Risk Management consultant available onsite or online ...

Upcoming Events of Interest

The Health Care Compliance Association Regional Conference will be held in Houston on Dec. 8, 2017. Third Rock's COO, Ed Jones, PMP, CHSP, will be participating on a panel discussing the importance of Patient Information Privacy along with representatives from THSA and Winstead, PC. Members of our Third Rock Team will also be in Dallas on Dec. 14 & 15 for the Cybersecurity Forum at the Dallas Health IT Summit. The Cybersecurity Forum brings together experts in healthcare IT security and p ...

MACRA 2017 deadlines are coming. Do you have a Security Risk Assessment scheduled before December 31st?

Right now the healthcare industry is in the final race to complete the requirements for MACRA, the new reimbursement scheme for Medicare. Thousands of dollars are at risk – failing to satisfy the MACRA requirements in 2017 will result in payment reductions for all of 2019! Submerged within the 2,398 pages of MACRA lies a key requirement for eligibility - completing a security risk assessment (SRA). The SRA is a “core requirement.” Without an SRA, a healthcare practice can undo all their other eff ...

HIPAA Compliance is a Business Decision

A couple of weeks ago, I was talking with a technology vendor who is starting to move into the healthcare space. Their technology isn’t used in the creation or manipulation of patients’ protected health information (PHI), but they do store information on behalf of healthcare organizations that could potentially include PHI. They wanted to know, “Are we required to comply with HIPAA?” Technically – yes. On the other hand, there are hundreds of healthcare organizations and healthcare vendors who act ...

The Most Common Mistakes in Cybersecurity are Preventable

Many of the issues we see in cybersecurity, whether you are in healthcare, retail, finance, etc., are by and large preventable. It is not about having a big budget or a large team of experts. No, some of it is just common sense. It is not unlike driving a car. When driving a car you take several basic, yet important, steps to try and lower your risk of an accident. You look both ways at a stop sign, you drive safely to avoid losing control, you keep your car in working condition, and just in case you are in ...

It is Time for Us to Take Control of Our Data!

The Equifax breach really has me angry. Mostly because I have no control over any aspect of this mess. Equifax scoops up data on all of us without our consent. They seem unaccountable and untouchable. With a last name like mine, I’ve had many opportunities to dispute incorrect data on my credit reports, which is always time-consuming and irritating. They make it known how unimportant you are and assume you are “guilty” unless you prove otherwise. They collect data on all the people in th ...

Could this breach have been prevented? – A new series

One of the first lessons of process improvement is that preventing errors is much less expensive and time-consuming than remedying the damage after the fact. The same is true for an information breach. The time and cost for installing new software, training staff members, and reinforcing policies and procedures pales in comparison to cleaning up the damage of an information privacy or security breach. Recent headlines of multi-million-dollar ...

Think you can take your time when breached? Think Again!

In January of this year, the HHS Office of Civil Rights levied a $475,000 fine against Presence Health for taking too long to notify their patients - as well as the OCR - after discovering the breach of PHI (protected health information). The incident occurred in October 2013 when Presence Health, based in Illinois, discovered that hundreds of physical documents containing patient names, birth dates, medical record numbers, and surgery details for 836 patients were missing. They did not report the breach ...

What happens when someone submits a HIPAA complaint?

You may not realize how easy it is for someone to submit a complaint about your organization. However, if you are not prepared, what happens after that submission is not something you will soon forget! This is why HIPAA compliance must be a culture and not just a piece of paper. While someone WILL submit a complaint against you at some point, if you have a culture of compliance in place, there should be little to no effect on your business. If you just run through a simplified checklist once a year, howeve ...

An Ounce of Prevention – Why HIPAA Guidelines should be your standard operating procedures

The American Heart Association lists heart disease as the #1 cause of death in the US with nearly 800,000 deaths per year. In comparison, more than 3.1 million patients have been impacted in the first half of 2017 by a data breach that led to the theft of protected health information (PHI). That's right — in half the time, nearly four times as many people have been impacted by an information breach as have died from heart disease! Yet an estimated two thirds of medical practices remain at risk of bei ...
