HIPAA Compliance – After the Risk Assessment, Then What? Data Protections

As we noted previously, there are numerous requirements for HIPAA compliance. One such item is the protection of your data – while in use, at rest, in motion, or at its disposal. PHI data can exist in many forms and is generally categorized in one of four states: Data in Use (data that is being created, retrieved, updated, or deleted); Data in Motion (data that is moving through networks, including wireless transmission); Data at Rest (data that exists in databases, file systems, and other sto ...

HIPAA Compliance – After the Risk Assessment, Then What? HIPAA Education

As we noted previously, there are numerous requirements for HIPAA compliance. The next step we would suggest is HIPAA training. Educating your staff about what HIPAA is and what it requires is a top priority and a government requirement. This education can consist of training classes as well as knowledge of your organization’s policies and procedures. Staff Training: HIPAA Privacy and Security Training, for all employees, is required to be done soon after initial employment and then period ...

Cyber-Security: Best Practices – Short and Sweat!

Yes, that said swEAt, not swEEt.  If you think there is anything sweet about cyber-security you haven't been in it long enough.  The good news is the Australian government came up with a very short list of key strategies for cyber-security best practices.  This is straight from Marc Goodman's book Future Crimes. Application white listing - only allow specifically authorized programs to run on your system and block all unknown executable files and installation routines.  Doing so prevents malic ...

HIPAA Compliance – After the Risk Assessment, Then What? Breach Detection

As we noted previously, there are numerous requirements for HIPAA compliance.  A top priority after the risk assessment is cyber security to prevent and detect cyber breaches. In this age of data breaches – from cyber breaches to equipment theft/loss, addressing the issue of continuous monitoring of your network and your networked devices might be the second item to address on your list of HIPAA compliance activities.  The Office of Civil Rights (DHHS) states that security is now 80% of the requireme ...

HIPAA Compliance – How to Get Started?

You may have asked yourself – how HIPAA compliant are we really?  What constitutes HIPAA compliance?  How often do I need to check? There are numerous requirements for HIPAA compliance – performing an annual risk assessment, up-to-date training, maintaining current policies and procedures, having a contingency plan, having your data encrypted at rest and in motion, continuous monitoring of all networks and networked devices, just to name a few. Those are a lot of things to contend with but where ...

Third Rock – Our CEO was Security Panelist at Health Tech ATX

Robert Felps, Third Rock CEO, was one of three panelists for the Health Tech ATX conference in Austin, TX on October 7. There were over 75 Healthcare executives and security experts in attendance. One of the main focuses was on the extreme rise in Healthcare cyber-security breaches and how to address them. HIPAA compliance was the number one response from the panelists. You must do a Risk Assessment to know what issues you have and prioritize the remediation of those issues. The changes brought abo ...

HIPAA – Enemy #1 = Do Nothing

What is the biggest obstacle to HIPAA Compliance? Do Nothing! It’s the #1 enemy of HIPAA compliance and Healthcare practices. Anyone that has checked into HIPAA in the past few years can see that action is necessary to address new requirements and fend off potentially harsh fines. With minimal cost and effort, a practice can deploy cyber-breach detection software and perform a risk assessment that will drastically improve their compliance and greatly reduce their likelihood of losing valuable ePHI. Ho ...

Third Rock Recognized as one of Most Promising HIPAA Compliance Solution Providers for 2015!

In the July issue of Healthcare Tech Outlook, Third Rock has been recognized as one of the nation’s Top 20 Most Promising Healthcare Compliance Providers for 2015! “We are very excited and proud to be independently recognized by Healthcare Tech Outlook. Our hard work to deliver affordable advanced cyber security and comprehensive HIPAA compliance has been very well received by our c ...

There is no way to stop a data breach

If you have been reading the news, you know cyber-breaches are getting out of control.  A recent article contained a statement of truth from Daniel Marvin, Cybersecurity Attorney, Stern & Montana.  He states “There is no way to stop a data breach. Hackers are smart, they are well-funded and they are relentless. You really can't build a firewall high enough to keep them out.” He's absolutely correct.  You MUST understand that preventative security measures reduce break-ins, but cannot s ...

Cyber Breach – No One is Immune

This article is the first in a three-part series from Third Rock, a leading HIPAA Compliance and Risk Management provider, explaining the magnitude and business impact of cyber security breaches as well as steps you can take to protect your records and your organization. Recent headlines have reported that cyber breaches are occurring with greater frequency than ever before. Everyone is familiar with the cyber breaches of Target, Home Depot, JP Morgan, Sony, and most recently, the federal Office of Perso ...
