5 Tips for Creating an Information Security Culture

Engaging clinical staff in information security can be an uphill challenge. For people doing the tangible, social, and physical work of healthcare, a Security Officer’s cautions regarding the invisible threat of cyber-theft can seem like science fiction paranoia. Further, among the healthcare practitioners who do recognize information security as a relevant concern, a substantial number still see it as an “IT issue.”  And finally, as if those barriers weren’t enough, the mere mention of “HIPA ...

HIPAA’s “Last Mile” Challenge

The phrase “last mile” is commonly used across many industries to denote the final leg of a project or process - reaching the goal! More often than not, it’s referring to the most difficult part of the journey.  In logistics, it is delivering your iPhone made in China to your doorstep in rural Texas.  In the communications industry, it is installing the last few hundred yards of new optical fiber cabling for high speed internet to your home or office that is extremely costly and disruptive.  And li ...

Value Proposition of a Next-Generation Compliance Platform (2 of 2)

This is the second in a two part series concerning the value of compliance.  Our mission is, Worry-Free Compliance, to help you obtain a culture of compliance through normal business operations.  Our vision is to reduce the complexity, cost and burden of HIPAA compliance using a next-generation compliance management platform. What does a next-generation management platform provide?  Here's a list: Complete Manages the entire compliance process Maintains custom policies and procedure ...

Protect your patients, protect your practice, protect yourself.

The healthcare industry is beginning to realize that HIPAA is here to stay and they are probably going to be audited sooner or later.  What physicians and all healthcare providers need to understand is that if you don't protect your patients' PHI/ePHI the following can happen to your patients as a result of their identity being stolen and used. NOT Protecting Your Patients' (PHI/ePHI): You can cause them financial difficulties or even financial ruin. You can cause them undue stress, even a str ...

Achieving Your HIPAA Gold Medal

With the 2016 Summer Olympics in full swing I thought it apropos to use the analogy of achieving a gold medal to obtaining HIPAA compliance.  I know, not really fair or nice to the Olympics and Olympians, but it makes a decent blog post and a good analogy.   So, bear with me and work on achieving your HIPAA gold medal. Vision You need a clear vision.  You will obtain your goal of being HIPAA compliant.  You need to clearly understand what that requires.  Take our Free Risk Assessment to better un ...

Is HIPAA Worth It?

HIPAA is yet another government mandate for American healthcare businesses to address.  We all know it's time consuming, requires a lot of effort to learn, stay current on and to implement.  Plus, it's costly.  But, is it worth it?  Does it truly help the covered entity or business associate in the long run.  You might be surprised by the answer. The simple answer is ABSOLUTELY. First, let's look at HIPAA goals. Basic Goals of HIPAA Portability: To allow patients to transfer their records ...

Third Rock Announces CompassDB™ – A Comprehensive Compliance Management Platform

Austin, TX, - Aug. 3, 2016 – Third Rock, provider of HIPAA Worry-Free Compliance™, announced CompassDB™ their compliance management platform.  CompassDB™ is designed to significantly reduce the cost and burden of HIPAA compliance for all parties involved.  Consulting firms who provide compliance services, and the clients, Covered Entities and Business Associates on which HIPAA regulations are focused, all will benefit. CompassDB™ is a cloud solution that provides safe, secure, web based s ...

Focus on Security: Phishing for Malware

85 percent of organizations have suffered phishing attacks! That is straight from the Wombat 2016 State of the Phish report.  Is that depressing or what!  The sad thing is, phishing can be thwarted most of the time.  But, it requires diligent training of your ENTIRE staff.  Including the board members, owners, executives and doctors.  Everyone needs to be trained to identify phishing attacks and resist opening the link and/or attachment. A few stats from the report. 85% of organizations ...

HIPAA Crossword Puzzle

HIPAA Crossword Puzzle Third Rock We thought it might be good to have you learn more about HIPAA through a challenging crossword puzzle. We hope you enjoy completing the puzzle and learn a little about HIPAA in the process.  You can click the image below to download the PDF version and print it off. Answers Across: 2. PHI 3. backups 5. ice cream 6. HIPAA 8. risk assessment 10. covered entities 12. disaster recovery 15. PII 17. cyber breach 20. cyber security 21. audit 22. lemonade ...

Insider Breaches – A Risk that Shouldn’t be Overlooked

With all the headlines on cyber breaches and the cyber criminals trying to break into your digital environment, you may overlook a common and very real threat.  Accenture's recent security report said 69% of the people surveyed had experienced an insider attempt or success at data theft or corruption.  Many of the other cyber reports show the same types of stats.  It is reasonable to anticipate someone inside your organization may be planning or is actively stealing your company’s proprietary infor ...

1 2