Cyber Security – how to prepare!

 

By Aris Medical Solutions

 

Cyber attacks are on the rise in healthcare and are one of the leading causes of data breaches. Disgruntled employees are another, and patients who believe their information has been compromised round out the top three. Although nothing is 100% secure, there are a few simple things you can do to prevent nearly all of these attacks.

First and foremost, prepare and plan for a breach. Implement a Breach Notification plan. Understand the difference between an internal and external breach. Make sure you have your security team in place!

Too many practices think they can ignore the possible threat because they use a cloud-based EHR. Most hacks and unauthorized access are caused internally by an employee who is uneducated in security. Employees who use their work computers to access personal email, or use their work email for personal use, expose the practice to this threat. This could potentially allow viruses and malware into your network. It only takes one person surfing the web and picking up keylogging malware, or clicking on an email attachment or link, to bring your entire organization to a halt. Best practice is to share security information with your staff at least monthly. Continual education on the possible threats is necessary. You can never be TOO diligent in the area of security!

Make sure you use a Termination Checklist to remind you of all of the access points that must be removed should an employee leave. This is a huge oversight that we see a lot of when we are conducting network security audits. Employees leave and some of their login credentials are removed but not all of them.

Last but certainly not least, if you have a patient who complains about their privacy being violated, take it seriously and resolve the issue as quickly as possible. Make sure you document the process.

For more information on how Aris Medical Solutions can help your organization with HIPAA Compliance and Protecting your Data, call 877.659.2467.

“Protecting Organizations through Partnership, Education, and Support”

About Suze Shaffer

Suze Shaffer is the owner and president of Aris Medical Solutions. She specializes in HIPAA compliance, risk management, and cyber security. She believes that when her clients are educated to understand what needs to be done to protect their practice, and why, they have a better outcome.

Suze has been instrumental in helping clients nationwide with risk management, implementing privacy and security rule policies and procedures, and ultimately protecting patient data. She includes state and federal regulatory requirements to ensure clients are protected in all areas.

She has spoken at numerous conferences and functions. She continues to educate organizations on how to minimize the risks of data breaches. HIPAA compliance is not an option; it is mandatory for every organization that comes in contact with protected health information to have reasonable and appropriate security measures in place. Unfortunately, most organizations don’t realize they are not compliant until they suffer a data breach or are faced with an audit or investigation.

Did you know that the Office for Civil Rights (OCR) is the agency that investigates data breaches? Have you seen the heavy fines that have been imposed for non-compliance?

All 50 states now have their own set of privacy laws and the State's Attorney General may also investigate privacy violations!
