Is 2016 going to be “The Sequel” for Healthcare?

We all love sequels of our favorite movies. Unfortunately, when it comes to healthcare breaches, there is not much to love about the likelihood of a 2016 sequel to a record breaking 2015. At the end of 2014, which was recognized as the “The Year of the Cyber Breach”, many industry leaders, including Third Rock, predicted 2015 to be the year of the “Healthcare Breach.” It didn’t take long to for the prediction to come true. By the end of the first quarter, an estimated 91 million healthcare record ...

Third Rock CEO serves as panelist for ISC(2) Challenges in Healthcare IT

Robert Felps, Third Rock CEO, was one of four panelist for the ISC(2) Austin Chapter in Austin, TX on March 14 discussing Challenges in Healthcare IT.  There were over 50 security experts in attendance.  The focus was on the state of Healthcare cyber-security.  HIPAA compliance was a primary focus from the panelist.  You must do a [Security] Risk Assessment to know what issues you have and prioritize the remediation of those issues.  The changes brought about by HITECH and later updates to HIPAA mak ...

Third Rock Introduces Cyber Security and HIPAA Compliance: Practical Steps to Protect Your Practice! CE course for Free to HealthCare Associations and Members

# # # FOR IMMEDIATE RELEASE Contact: Robert Felps rjf@thirdrock.com 512-310-0020 Third Rock Introduces Cyber Security and HIPAA Compliance: Practical Steps to Protect Your Practice! CE course for Free to HealthCare Associations and Members Austin, Tx, Mar 8, 2016 – Third Rock, provider of HIPAA Worry-Free Compliance™, is offering a free continuing education (CE) course to any Healthcare Association or Organization on Cyber Security and HIPAA Compliance: Practical Steps to Protect Your Practice! T ...

After the Risk Assessment, Then What? How Often Do I Need to Check?

As we noted previously, there are numerous requirements for HIPAA compliance.  A follow-up question often heard is “How often do I have to do these things?” Risk assessments officially need to be performed on an annual basis but regularly reviewing your risk remediation plan throughout the year is a business “best practice” for any organization. Policies and Procedures need to be reviewed and changed depending upon federal law changes and changes in your organization.  New processes, new tec ...

Building a Privacy & Security Culture: Training is just the beginning!

The privacy and security practices required by HIPAA run counter to decades of habit! Paper charts stored in unsecured racks in public hallways, unsecured computer workstations, and open discussion of patient information in public areas have been the norm in many healthcare facilities despite the 1996 and 2003 HIPAA privacy requirements. The additional risks to patient information posed by new technologies also run counter to decades of thought. Caregivers accustomed to thinking of their facility as a rel ...

After the Risk Assessment, Then What? Planning for Emergency Events

As we noted previously, there are numerous requirements for HIPAA compliance.  Being prepared for future emergency events is often identified in the Risk Assessment as a HIPAA compliance requirement that needs to be addressed. Preparing for future events is often overlooked by many healthcare entities.  Just dealing with the issues of the day can take up the majority of your time.  However, being prepared for future events, besides being a HIPAA requirement, also makes good business sense. What HIP ...

5 Benefits of HIPAA Privacy and Security Training

HIPAA law requires that all workforce members with any access to PHI receive training in basic privacy and security practices. “Workforce” includes housekeeping staff, dietary workers, clerical staff, and contract workers in addition to all members of the clinical staff. But “compliance” is not the only reason to ensure that all workforce members understand and follow basic privacy and security protocols – here are 5 more: Training provides the basis for a “human firewall” against PHI ...

Create a Human Firewall – HIPAA Training

Cyber breaches in healthcare are in the headlines and on the rise. Last year, over 112.8 million people’s “protected” health information was stolen or improperly disclosed! That is approximately one third of the total U.S. population - in just one year!  The big newsmakers are the large cyber breaches where millions of records are stolen electronically. But the “weak link” in many breaches is the human being. “IT security starts with people.” (2016 Cybersecurity Trends, Cybernetic Global I ...

HIPAA Compliance – After the Risk Assessment, Then What? Data Protections

As we noted previously, there are numerous requirements for HIPAA compliance.  One such item is the protection of your data – while in use, at rest, in motion, or at its disposal. PHI data can exist in many forms and is generally categorized in one of four states: Data in Use (data that is being created, retrieved, updated, or deleted) Data in Motion (data that is moving through networks, including wireless transmission) Data at Rest (data that exists in databases, file systems, and other sto ...

Top 25 Shameful Passwords of 2015

More and more passwords are becoming a daily part of your life. Considering that it is recommended to never use the same password at different sites or on different apps, it can become overwhelming. Despite that, there are just some things that you should not compromise for the sake of being easy. Below are the list of the top 25 worst passwords for 2015. Just as a quick reminder, while passwords are not the end-all-be-all in security, it pays to create secure ones. You should try to keep them at a minim ...

1 2 3 4 5 6 7 8 9 10 11