Protect your patients, protect your practice, protect yourself.

The healthcare industry is beginning to realize that HIPAA is here to stay and they are probably going to be audited sooner or later.  What physicians and all healthcare providers need to understand is that if you don't protect your patients' PHI/ePHI the following can happen to your patients as a result of their identity being stolen and used. NOT Protecting Your Patients' (PHI/ePHI): You can cause them financial difficulties or even financial ruin. You can cause them undue stress, even a str ...

Focus on Technology: HIPAA Quick Fixes

While meeting all the HIPAA requirements for your technology (computer, network, etc.) requires some planning, there are some quick fixes that can greatly reduce the odds of your organization being breached while at the same time starting you on your path to compliance. Below are some common issues that we see at all sizes of organizations. How you go about correcting some of them is determined by the size and resources of your organization. Quick Fix #1 Issue: The operating system (i.e. Windows) on ...

Misconceptions Lead to False Sense of Security

In mid-August, The National Law Review reported the Office for Civil Rights (OCR) announced it would focus more on smaller breaches, those affecting less than 500 individuals.  I think this reflects the growing concern that Small to Medium Business (SMB) are more vulnerable.  They are also less capable of detecting, responding to and reporting breaches.  IBM estimates that 80% of cyber thefts suffered by SMBs go unreported.  This is due to lack of detection, embarrassment, and fear of social media backl ...

Healthcare under attack by new strain of ransomware

FireEye Labs has identified massive email campaigns by cyber-criminals during Aug, 2016 containing the Locky ransomware embedded in DOCM attachments.  DOCM is Open XML Macro-Enabled Document file used in Microsoft Word.  Which means the file contains a macro which MS Word will execute when you open the file in MS Word.  Healthcare is the leading industry targeted by the campaign. The healthcare industry is now the "industry of choice" by cyber-criminals since Protected Health Information (PHI/ePHI) i ...

Healthcare entity leaves its patients exposed after breach

  Athens Orthopedic Clinic (AOC) in Georgia, suffered a cyber-attack in June of 2016 that impacted roughly 200,000 patients.  If that's not bad enough, AOC is not able to pay for extended credit monitoring for its victims.  The healthcare industry, including small, single doctor practices, needs to sit up and take notice. Cyber criminals are at your back door, front door and trying to crawl through your networks.  You need to take action to Defend, Detect, and Defeat cyber breaches from steal ...

Focus on Security: Top Ten Tips for Cyber-Security for Small Businesses

I know it's getting old and boring, but cyber-criminals are focused on PHI, which means we, in healthcare, need to take action to protect it. The SBA has a helpful list of cyber-security tips posted on their web site.  It's a great starting point to harden your defenses and defend against the highly likely cyber-breach.  Here's a summary of what's covered. Protect against viruses, spyware, and other malicious code Secure your networks Establish security practices and policies to protect ...

Focus on Technology: Windows 10 Wi-Fi Sense

Windows 10 has a feature called Wi-Fi Sense, which will automatically share your Wi-Fi connection with other electronic equipment.  Sounds great, doesn't it?  No more writing down or repeating SIDs and passwords to let people access your secure, private wireless network.  Well, I consider this a bad idea for business.  This is a simple cyber-security issue to consider.  I would encourage you to consider turning the feature off to be more secure vs more convenient.  Letting people access your wireless ...

Is HIPAA Worth It?

HIPAA is yet another government mandate for American healthcare businesses to address.  We all know it's time consuming, requires a lot of effort to learn, stay current on and to implement.  Plus, it's costly.  But, is it worth it?  Does it truly help the covered entity or business associate in the long run.  You might be surprised by the answer. The simple answer is ABSOLUTELY. First, let's look at HIPAA goals. Basic Goals of HIPAA Portability: To allow patients to transfer their records ...

Focus on Security: Phishing for Malware

85 percent of organizations have suffered phishing attacks! That is straight from the Wombat 2016 State of the Phish report.  Is that depressing or what!  The sad thing is, phishing can be thwarted most of the time.  But, it requires diligent training of your ENTIRE staff.  Including the board members, owners, executives and doctors.  Everyone needs to be trained to identify phishing attacks and resist opening the link and/or attachment. A few stats from the report. 85% of organizations ...

Focus on Security: Printer Security

We all know we need to improve our computer and network security.  But we often forget that printers are now smart and connected.  Basically, they're another computer on the network. Therefore, we all need to take notice and insure we improve security on our printers.  The exact steps will vary depending on the brand, size, complexity, connection type and features of each printer.  But, below are several steps you can take to get started. Network - secure it Make sure you have a strong password on ...

1 2 3 4 5 6