HIPAA

in order to be HIPAA Compliant, you must maintain a "Culture of Compliance" at your office. This can include keeping your software up-to-date, regular required training and addressing risks that pose to your office. This month we address Credit Card security, Web Browser security and Cell Phone Security

With the increase of cloud-based software and work from home movement, it is time to start addressing cybersecurity threats we face outside the workplace. The first step is making sure that the hardware you are using to access the office network or cloud-based systems are secure.

Each of us uses a web browser to access the internet. Among the most widely used are Google Chrome, Firefox, Microsoft Edge, and Apple Safari. There are also may other browsers available to be used to surf the net. As a medical professional you are responsible to make sure your browser is not the source of a HIPAA Security Breach in your office.

The answer is yes. Malware can be installed on your phone that can secretly record the microphone, phone calls, access the camera, access passwords on the phone and track the location of a mobile phone.

While passwords are good security tools, we cannot blindly rely on them to protect our computers.

in order to be HIPAA Compliant, you must maintain a "Culture of Compliance" at your office. This can include keeping your software up-to-date, regular required training and addressing risks that pose to your office. This month we address the HIPAA Privacy Manual, enabling your hardware firewall and tracking internet of things

On June 29, The Department of Health and Human Services Cybersecurity Program released a news article on vulnerabilities in PACS Systems. PACS systems are Picture Archiving Communication Systems. These are commonly used for the storage and sharing of medical images such as radiographs, CT scans, and MRI images.

TLD sponsors HIPAA Training On Demand at CME Online

On April 27th, an EHR system company sent an email to hosted customers detailing a ransomware incident. According to the email, "A sophisticated criminal organization carried out a ransomware attack on some of the hosting vendor’s systems, disaster recovery site, and backups." As a result of this outage, many customers lost access to their EHR system.

The CDC has recently stated that individuals who have been vaccinated do not need to wear masks. As a result, many states have lifted mask restrictions. This begs the question of what to do if your state has lifted mask restrictions and somebody walks into your office without a mask?