Patient Data is a Hot Commodity

 

By Aris Medical Solutions

 

Health care organizations are now a primary target since they are the custodians of patient data and a plethora of information. The reason patient information is sought after so much is because it can be sold on the black market for a decent price. Social Security Numbers also have a longer shelf life unlike credit card numbers. Therefore it is imperative that any company or person that is involved with healthcare data do what they can to protect their computers and/or network.

Criminals are diligent in trying to gain access to these valuable databases. They can get into your network through social engineering, malware, and mobile devices to name a few. Sadly, most attacks go undetected for months, sometimes even a year unless it is ransomware when you are “notified” immediately!

Under the Security Rule, all entities that work with Protected Health Information are required to conduct a Risk Analysis to uncover any potential vulnerabilities. Then they must create a Risk Management plan to correct those deficiencies. Although most of the “technical” standards are addressable and not required, this does not mean optional. All covered entities and business associates must have reasonable and appropriate safeguards in place to protect their data. Aside from your normal IT services, we believe it will only be a matter of time before network security audits will become mandatory. Keep in mind your Policies and Procedures are still the backbone of HIPAA Compliance.

So what can you do to protect your data and your organization?

  1. Conduct a security risk analysis
  2. Mitigate the vulnerabilities that are discovered
  3. Request a third party network security audit
  4. Request documentation that your business associates are HIPAA Compliant
  5. Continual EDUCATION!

These are just some of the basics that you should implement. For more information on how Aris Medical Solutions can help your organization with HIPAA Compliance and Protecting your Data call 877.659.2467 or click here to contact us.

“Protecting Organizations through Partnership, Education, and Support”

About Suze Shaffer

Suze Shaffer is the owner and president of Aris Medical Solutions. She specializes in HIPAA compliance, risk management, and cyber security. She believes that by educating her clients in understanding why and what needs to be done to protect their practice they have a better outcome.

Suze has been instrumental in helping clients nationwide with risk management, implementing privacy and security rule policies and procedures, and ultimately protecting patient data. She includes state and federal regulatory requirements to ensure clients are protected in all areas.

She has spoken at numerous conferences and functions. She continues to educate organizations how to minimize the risks of data breaches. HIPAA compliance is not an option, it is mandatory for every organization that comes in contact with protected health information to have reasonable and appropriate security measures in place. Unfortunately, most organizations don’t realize they are not compliant until they suffer a data breach or they are faced with an audit or investigation.

Did you know that the Office for Civil Rights (OCR) is the agency that investigates data breaches? Have you seen the heavy fines that have been imposed for non-compliance?

All 50 states now have their own set of privacy laws and the State's Attorney General may also investigate privacy violations!

Share This HIPAA Blog

Phone Scams- Just hang up!

April 15, 2017

Is it time review your Policies and Procedures?

May 23, 2017
©2022 Aris Medical Solutions – HIPAA Risk Management | HIPAA Compliance Consultants | All Rights Reserved | Terms and Conditions | Privacy Policy
The content and images on this website is owned by Aris Medical Solutions and their owners. Do not copy any content or images without our consent.
Powered by Bandwise LLC
error: Content is protected !!