Data Hemorrhage – Find and Stop the Bleeding

We bleed data constantly. Data hemorrhage! Why? Because it is self-propagating. The more important the data, the faster it seems to reproduce. Important data has to be backed up. It will end up in the cloud, actually multiple clouds. I’ll print a copy and store it in my file cabinet, just in case. Probably be good to burn it on a CDROM as well for my long term records. High quality data is used for analysis via a spreadsheet, to project future business trends, revenue, and sales projections. You can make ...

Reduce the Burden of HIPAA While Increasing Your Protection

If you missed our recent webinar on Reduce the Burden of HIPAA While Increasing Your Protection you can watch it on-line now. Ed Jones, Third Rock's Chief Compliance Officer, keeps this presentation updated to help your stay current on HIPAA and cyber-security.  We offer the course to professional associations and local healthcare societies, board of directors and executives and as a Continuing Education (CE) course.  Contact us if you're interested in a private webinar with Q&A. Please join Ed ...

ePHI – Defend, Detect, Defeat

Healthcare covered entities and business associates can reduce their cyber security risks by focusing on three areas – defend, detect, and defeat.  The cyber security industry refers to these areas with different words, but the same basic meaning.  Sometimes you’ll hear prevent, detect, respond, but we like defend to remind us we’re at war and defeat so we have a goal to stop data loss. Defend begins with governance, compliance and organization.  It involves assessing what you need to p ...

Healthcare Breaches Caused By Criminal Attacks

Last year the Ponemon Institute’s Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data revealed a shift in the root cause of data breaches from accidental to intentional.  This is worth noting for all healthcare providers, large and small.  It’s not enough to provide good, current cyber security training to all of your employees, but you must improve your overall cyber security to protect your highly valuable ePHI. FierceHealthIT wrote up a good summary on the report, read it ...

Is 2016 going to be “The Sequel” for Healthcare?

We all love sequels of our favorite movies. Unfortunately, when it comes to healthcare breaches, there is not much to love about the likelihood of a 2016 sequel to a record breaking 2015. At the end of 2014, which was recognized as the “The Year of the Cyber Breach”, many industry leaders, including Third Rock, predicted 2015 to be the year of the “Healthcare Breach.” It didn’t take long to for the prediction to come true. By the end of the first quarter, an estimated 91 million healthcare record ...

Third Rock CEO serves as panelist for ISC(2) Challenges in Healthcare IT

Robert Felps, Third Rock CEO, was one of four panelist for the ISC(2) Austin Chapter in Austin, TX on March 14 discussing Challenges in Healthcare IT.  There were over 50 security experts in attendance.  The focus was on the state of Healthcare cyber-security.  HIPAA compliance was a primary focus from the panelist.  You must do a [Security] Risk Assessment to know what issues you have and prioritize the remediation of those issues.  The changes brought about by HITECH and later updates to HIPAA mak ...

Third Rock Introduces Cyber Security and HIPAA Compliance: Practical Steps to Protect Your Practice! CE course for Free to HealthCare Associations and Members

# # # FOR IMMEDIATE RELEASE Contact: Robert Felps rjf@thirdrock.com 512-310-0020 Third Rock Introduces Cyber Security and HIPAA Compliance: Practical Steps to Protect Your Practice! CE course for Free to HealthCare Associations and Members Austin, Tx, Mar 8, 2016 – Third Rock, provider of HIPAA Worry-Free Compliance™, is offering a free continuing education (CE) course to any Healthcare Association or Organization on Cyber Security and HIPAA Compliance: Practical Steps to Protect Your Practice! T ...

After the Risk Assessment, Then What? How Often Do I Need to Check?

As we noted previously, there are numerous requirements for HIPAA compliance.  A follow-up question often heard is “How often do I have to do these things?” Risk assessments officially need to be performed on an annual basis but regularly reviewing your risk remediation plan throughout the year is a business “best practice” for any organization. Policies and Procedures need to be reviewed and changed depending upon federal law changes and changes in your organization.  New processes, new tec ...

Building a Privacy & Security Culture: Training is just the beginning!

The privacy and security practices required by HIPAA run counter to decades of habit! Paper charts stored in unsecured racks in public hallways, unsecured computer workstations, and open discussion of patient information in public areas have been the norm in many healthcare facilities despite the 1996 and 2003 HIPAA privacy requirements. The additional risks to patient information posed by new technologies also run counter to decades of thought. Caregivers accustomed to thinking of their facility as a rel ...

After the Risk Assessment, Then What? Planning for Emergency Events

As we noted previously, there are numerous requirements for HIPAA compliance.  Being prepared for future emergency events is often identified in the Risk Assessment as a HIPAA compliance requirement that needs to be addressed. Preparing for future events is often overlooked by many healthcare entities.  Just dealing with the issues of the day can take up the majority of your time.  However, being prepared for future events, besides being a HIPAA requirement, also makes good business sense. What HIP ...

1 2 3 4 5 6 7 8 9 10 11