As we enter into the last few months of this challenging year, many practices will be looking to perform a HIPAA IT Security Risk Analysis. When considering the approach to this year's analysis, it's important to consider any changes that may have been made to critical IT systems as part of the practice's response to COVID-19.
In this day and age of advanced technology, physicians have access to abundant clinical information at their fingertips. Electronic medical record (EMR) systems can provide physicians with the data they need to care for their patients at virtually any time or place (whether or not these systems are user-friendly is another story).
The National Institute of Standards and Technology has published a bulletin that provides several key reminders for people who have had to shift to working remotely as a response to COVID-19. The guidance, which can be found in full at the link below, summarizes previous NIST guidelines for working safely when out of the office.
On March 19, the Alabama Department of Public Health (ADPH) issued mandatory health orders to medical practices statewide to delay all elective medical and dental procedures until April 6th. On March 28, the order was amended such that non-emergency procedures are postponed until further notice. Under these guidelines, medical and dental practices have had to reduce office hours and/or close their office.
By now you have probably heard this and read it a thousand times. But one last time, we will cover it with some background on the whys and hows.
With more healthcare organizations moving to VoIP (Voice-over-Internet Protocol) for their phone and communication needs, it’s important to understand the technology and how to make it work for your business needs. So let’s start with the basics.
Managing medical waste is not for the faint of heart - and neither is managing a medical office. Your facility’s staff must adhere to strict, sometimes time-consuming medical waste guidelines and regulations while providing the highest level of patient care. You must protect the health of your patients, your employees, and the environment. Following best practices in health care delivery, medical waste management, and medical office management can streamline processes and help ensure the best delivery of service in each area.
VoIP is a game-changer for the healthcare industry’s communication landscape, allowing for quicker, more reliable communication. However, it also brings with it a multitude of HIPAA concerns that can be confusing to navigate.
Over the last few years, cell phones have become computers, capable of much of the functionality that your office computer has. This is also true for small portable devices such as iPads, Windows and Android tablets. Are these devices and applications as secure as those you use from your clinic? In most cases, the answer is no.
Trying to comply with HIPAA can be a challenge for healthcare providers, especially when there is so much confusion about specific aspects of the rules. Policyholders contact SVMIC almost every day for assistance with HIPAA-related issues. In fielding those calls and emails, we have identified some commonalities.
During my 30 years in healthcare consulting, I have seen several reform initiatives come and go.
In many cases, the initiatives have enhanced the ability of consumers to access insurance coverage and ultimately healthcare. In 1993, President Clinton proposed legislation that led to growth in Health Maintenance Organizations (HMOs) and also the HIPAA privacy standards which are still in place today. In the 2000s, President George Bush proposed changes to the Medicare program that led to the implementation of Medicare Part D coverage.
A look at the calendar tells us that we only have a short time left in 2018. That means many practices will be looking to complete their Security Risk Assessments in order to either qualify for the 2018 Merit-based Incentive Payment System (MIPS) or to simply fulfill their obligations to comply with the HIPAA Security Rule.
One of the most frustrating things PC users can experience is slow performance or freezing while using their normal programs. It can make even the simplest tasks take several times longer and greatly slow down your work day, which impacts patient care as well. While it will sometimes mean there could be hardware issues and your PC needs an upgrade, there are several steps that you and your IT support can take to speed up the performance of your PC through cleanup tools, anti-virus and anti-malware scans, or optimizing settings.
Is your EHR application in the cloud, or are you considering moving to a cloud-based provider? If so, knowing the provider's processes for data backup, disaster recovery, and overall security is extremely important.
One of the greatest challenges healthcare organizations face today is clinical application interoperability – the communication between computer systems, applications, or software to allow them to work in conjunction with one another.
It is especially important for smaller practices to be mindful of Electronic Protected Health Information (ePHI) security regulations – a breach of ePHI can lead to costly notification requirements and potential monetary penalties under the HITECH Act. Managing physicians of small independent practices hold many responsibilities, including the duty to comply with the Security Rule within HIPAA regulations. This article provides a brief overview of federal ePHI compliance safeguards required in a practice. While not meant to be a comprehensive discussion of all requirements, it highlights legal considerations and safeguards a practice must implement to comply with HIPAA ePHI regulations. The federal Security Rule under HIPAA requires a health care provider (typically known as a Covered Entity) to have the minimum ePHI safeguards, listed below.
They were surprised, and you likely will be, too. Of the hundreds of healthcare organizations I’ve helped document HIPAA and meet compliance requirements, most are unaware that their Patient Health Information (PHI) is exposed in some way. If a cyber attacker took advantage of this situation, it could cause damage to your patients, bring giant HIPAA fines, and lead to a loss of reputation.
If you surveyed managing physicians and office managers from the Birmingham area about their business continuity plans, how confident do you think they would be with their Disaster Recovery solution? Do they feel prepared? Have they even thought about it?
We hate to break it to you, but there's a HIPAA requirement you’re more than likely doing wrong. The Department of Health & Human Services’ Office for Civil Rights (OCR) is cracking down on requiring a true Healthcare Security Risk Analysis.
We all recognize that healthcare is evolving at a rapid pace. With this evolution, the need to share patient information to positively impact quality care, provide a seamless patient experience, and save time for your staff to coordinate care is of critical importance. By making the most of new technology, today’s office equipment can easily and securely help you do just that.
As of September 30, 2017, the Department of Health and Human Services Office of Civil Rights (OCR) has received notices of 237 breaches. 46% occurred as a result of hacking or IT security incidents, many at the business associate level. Ransomware is rampant and projected to increase 670%. As a covered entity, even when a breach occurs at your business associate, under HIPAA you are responsible for your protected health information and for responding to the breach. OCR has been clear that breaches of 500 or more records will be investigated. Given the significant increase in breaches over the past few years, advance preparation is critical and can reduce the cost and burden of breach response.
Did you know a single patient health record can earn cybercriminals 10 times the price of a stolen credit card number on the black market?
The Office of Civil Rights is auditing small and large healthcare providers alike, imposing multi-million dollar fines in some cases. Meanwhile, the same electronic storage, mobile devices, and cloud-based applications that patients, doctors, and healthcare staff want to use often compromise a practice’s ability to keep that patient data safe.
Recycling electronics is a great way to help conserve and reuse valuable resources and materials found in many gadgets, including glass, plastics, and various metals such as copper, gold, palladium, and silver. Many electronics, especially computers and televisions, contain toxic materials such as cadmium, lead, and mercury. Recycling and reusing electronics helps to keep these toxic materials out of our landfills and water supply.
Moving a medical practice can be a daunting task. A medical office move can be a result of needing a bigger space, physician retirement, or practice acquisition. While making patients aware of a major change is most certainly a priority, it is equally important to make sure their documents and all office data and service equipment survives the move as well.