Focus on Technology: Change Your Router Passwords!

One of the most common services in healthcare is the connection to the internet. With all the focus on security and cyber breaches, one of the most vulnerable pieces on your connection to the internet is what is called the router / gateway. The router / gateway connects your computers and devices to the public internet and in many cases provides the initial security or barrier through the use of a built-in firewall.The problem is, that while this is the door, the gateway to the internet, it is a two way ...

Protect your patients, protect your practice, protect yourself.

The healthcare industry is beginning to realize that HIPAA is here to stay and they are probably going to be audited sooner or later.  What physicians and all healthcare providers need to understand is that if you don't protect your patients' PHI/ePHI the following can happen to your patients as a result of their identity being stolen and used. NOT Protecting Your Patients' (PHI/ePHI):You can cause them financial difficulties or even financial ruin. You can cause them undue stress, even a str ...

Third Rock Announces – Custom HIPAA Policies and Procedures

FOR IMMEDIATE RELEASE  Austin, TX, Aug 25, 2016 – Third Rock, provider of HIPAA Worry-Free Compliance™, announced custom, online HIPAA Policies and Procedures as an additional capability of  their compliance management platform, CompassDB™.  This new capability is designed to address common issues associated with policies and procedures found in most healthcare practices; outdated paper documents collecting dust on a bookshelf.The overarching focus of CompassDB™ is to reduce the cost ...

Focus on Security: Printer Security

We all know we need to improve our computer and network security.  But we often forget that printers are now smart and connected.  Basically, they're another computer on the network. Therefore, we all need to take notice and insure we improve security on our printers.  The exact steps will vary depending on the brand, size, complexity, connection type and features of each printer.  But, below are several steps you can take to get started.Network - secure it Make sure you have a strong password on ...

After the Risk Assessment, Then What? How Often Do I Need to Check?

As we noted previously, there are numerous requirements for HIPAA compliance.  A follow-up question often heard is “How often do I have to do these things?”Risk assessments officially need to be performed on an annual basis but regularly reviewing your risk remediation plan throughout the year is a business “best practice” for any organization.Policies and Procedures need to be reviewed and changed depending upon federal law changes and changes in your organization.  New processes, new tec ...

After the Risk Assessment, Then What? Planning for Emergency Events

As we noted previously, there are numerous requirements for HIPAA compliance.  Being prepared for future emergency events is often identified in the Risk Assessment as a HIPAA compliance requirement that needs to be addressed.Preparing for future events is often overlooked by many healthcare entities.  Just dealing with the issues of the day can take up the majority of your time.  However, being prepared for future events, besides being a HIPAA requirement, also makes good business sense.What HIP ...

Third Rock Recognized as one of Most Promising HIPAA Compliance Solution Providers for 2015!

Third Rock Recognized as one of Most Promising HIPAA Compliance Solution Providers for 2015! Click to Read ArticleIn the July issue of Healthcare Tech Outlook, Third Rock has been recognized as one of the nation’s Top 20 Most Promising Healthcare Compliance Providers for 2015!  “We are very excited and proud to be independently recognized by Healthcare Tech Outlook.  Our hard work to deliver affordable advanced cyber security and comprehensive HIPAA compliance has been very well received by our c ...

Cybersecurity Insurance – Will it pay when I get breached?

As a disclaimer, we are not an insurance company or insurance specialist.  We're a Cyber-Security firm that specializes in HIPAA compliance.  We strongly encourage our clients to purchase cyber-breach insurance.  We regularly blog on healthcare cyber security and compliance, often citing cyber-breach statistics.  It's likely you've been breached or will be breached in the near future.  So, it only makes good business sense to protect the investment you've made building your practice and transfer all ...

Cyber Breach – No One is Immune

This article is the first in a three-part series from Third Rock, a leading HIPAA Compliance and Risk Management provider, explaining the magnitude and business impact of cyber security breaches as well as steps you can take to protect your records and your organization.Recent headlines have reported that cyber breaches are occurring with greater frequency than ever before. Everyone is familiar with the cyber breaches of Target, Home Depot, JP Morgan, Sony, and most recently, the federal Office of Perso ...

My EMR protects my ePHI, right? WRONG!

False Faith in your EMR/EHR It seems most doctors, practice managers, healthcare compliance officers and healthcare security officers put way too much faith in their EMR/EHR.  They think the EMR encrypts the data and therefore it’s secure and no more worries.  That’s a BIG mistake for the following reasons.Many EMRs do NOT encrypt the data in transit, on the local disk (cache) and/or do NOT auto timeout users. Leaving the ePHI available for easy cyber theft. Access controls are only as good as ...

1 2