It is Time for Us to Take Control of Our Data!

The EquiFax breach really has me angry.  Mostly because I have no control over any aspect of this mess.  EquiFax scoops up data on all of us without our consent.  They seem unaccountable and untouchable.   With a last name like mine, I’ve had many opportunities to dispute incorrect data on my credit reports, which is always time consuming and irritating.  They make it known how unimportant you are and assume you are “guilty” unless you prove otherwise.  They collect data on all the people in th ...

Could this breach have been prevented? – A new series

Could this breach have been prevented? – A new seriesOne of the first lessons of process improvement is that preventing errors is much less expensive and time-consuming than remedying the damage after the fact. The same is true for an information breach. The time and cost for installing new software, training staff members, and reinforcing policies and procedures pales in comparison to cleaning up the damage of an information privacy or security breach.Recent headlines of multi-million-dollar ...

Texas Healthcare Privacy, Security Focus in Recent Partnership

HealthITSecurity August 16, 2017-Texas covered entities will now have assistance in working toward healthcare privacy and security compliance measures through a recent partnership between the Texas Health Services Authority (THSA) and Third Rock Incorporated.THSA will utilize Third Rock’s cloud-based compliance management platform, which “streamlines and automates the privacy and security compliance process,” according to a THSA statement.   ...

Focus on Security: In plain sight

Sometimes we tend to focus strictly on the technical side of security and compliance and fail to notice the very important issues hiding in plain sight. While a hacker breaking into your network and stealing ePHI is the threat that is being talked about the most, it is sometimes the overlooked old-fashioned threats that present the greater risk.Think about how many times a patient record has been sitting somewhere and how long does it actually take for someone to pick it up and walk off? What about allo ...

Third Rock Recognized at Austin Recovery’s 50th Anniversary Event

Third Rock Recognized at Austin Recovery's 50th Anniversary EventRound Rock, TX, July 25, 2017 – On May 5th, Austin Recovery celebrated its 50th Anniversary with a luncheon gala at the Shalom Austin Jewish Community Center in Austin, TX. At the event, they recognized Third Rock, Incorporated and its partner Nivola Healthcare Solutions for their work and donations supporting the organization’s HIPAA compliance activities and related information security practices.Austin Recovery requested Third R ...

Celebrating Nurses – Cornerstones of the “Human Firewall”

In their roles as both care giver and care coordinator, nurses generate, transmit, transcribe, and interact with enormous amounts of information using a dizzying array of devices. Not surprisingly, nurses play a critical role in keeping patients’ protected health information (PHI) safe.Nurses, you are amazing!! In the course of a single hospital shift, a hospital nurse may interact with a single patient’s record 10-20 times – or more – depending on the intensity of the care and length o ...

One small step for man, one giant leap for privacy!

“To err is human”… a pretty obvious statement. So if we all know we are going to make mistakes, why not add an extra level of security to mitigate the effects of the mistake?I am sure we have all been in the predicament of sending John C. an email, but when we clicked on our contacts list we accidentally sent it to John B. I have conversations constantly with clients and friends about encrypting their email to protect themselves and often get the same set of questions…“Isn’t that e ...

The IoT, Little “Things” with Big Implications

You may have experienced the first coordinated cyber attack using “Internet of Things”, IoT. I bet you are wondering how did it affect me? How did it happen?  Did you notice on October 21st that Facebook and LinkedIn were not available?  Maybe you noticed that Amazon couldn’t take your order, and email was really slow? This was the result of a DDoS attack, Distributed Denial of Service, which have been going on for years, but this one was different.Typically, DDoS attacks are the result of ...

HIPAA: Patient Access to Their Information

With all of the cyber-security breaches and fines levied on organizations for lost PHI, it's easy to forget that HIPAA also defines what information must be provided to the patient and transferred to other providers for care and when they change providers.HIPAA has three basic components:Portability - allow for the transfer of patient information to other providers that may provide care to the patient or to the patient themselves.Allow the patient to access their patient information defi ...

Value Proposition of HIPAA Compliance (1 of 2)

If you've been reading our blog very long you know we've discussed Is HIPAA worth it?, What's the ROI?, etc, etc.  This article is really another way to think about why you need to start working on your HIPAA compliance today.What is the Value Proposition of HIPAA Compliance?Identifies weaknesses that make your business vulnerable and liable Improves protection of your patients’ valuable PHI Protects your business from disruptive events – natural and man-made Fortifies your cyber ...

1 2 3 4 5