We like to find interesting tips and tricks to help our clients improve their health data security. This infographic from Inspired eLearning on "phishing" schemes covers the most common types of phishing attacks, including via email, phone call, text message, or USB baiting. Read on to learn about how these attacks can occur, common statistics, and prevention tips.
On May 25, 2018, European law officially enforced the General Data Protection Regulation (GDPR). The GDPR was created to protect the personal data of EU citizens. This article examines two GDPR-compliant encryption methods in this article: standard encryption and pseudonymization.
Healthcare providers in today's environment are dependent upon health information technology like electronic health records, cloud-based billing and practice management solutions, and mobile devices like laptops and iPads to run their practices. The reliability and security of this technology is key to both operations and compliance. However, physicians aren't IT professionals, and practice managers are security specialists. So how do they manage compliance risks without cutting into resources needed to provide patient care? On Tuesday, April 26, 2016, Rebecca E. Gwilt, Esq. and Joan Kassell, MLIS, CPIA will meet with Virginia practitioners to discuss what the data shows are the most common sources of health data breaches and OCR settlements. The data reveals that there are a few simple steps any physician can take to protect their practice and patients and to begin to build a robust compliance program. Topics will include (1) realistic threats to healthcare practices, (2) breaches in the real world and what they tell us, and (3) reducing the likelihood a breach will bury your practice.
Health IT vendors are under incredible pressure to represent to customers that their hardware and software solutions are impervious to cyber threats. Pick any major trade show and the first line you'll hear from exhibitors is that their solution is HIPAA-compatible, and, even more misleading, HIPAA-compliant. It's important that vendors understand overstating security protocols and capabilities can have major legal and financial implications.
On January 6, 2016, in a dramatic national press conference, President Obama announced several actions by his administration to address gun violence in the US. One of these actions is a long-planned modification to the Health Insurance Portability and Accountability Act (HIPAA). The same day, the Department of Health and Human Services (HHS) published a Final Rule adding a permitted disclosure to the HIPAA Privacy Rule, which expressly permits a limited number of Covered Entities to disclose protected health information (PHI) of certain individuals to the National Instant Criminal Background Check System (NICS). The modification is aimed at removing one barrier to expanding the quality of the information in NICS, which is used by firearms vendors to disqualify potential purchasers who are federally barred from owning firearms.