Aris Medical Solutions Blogs

Keeping you informed and prepared

Malicious code, websites, and data breaches

When we conduct HIPAA training, most employees are discouraged when we tell them not to surf the web on work computers. There is a very good reason for this: malicious code can be found on websites that have not been updated and maintained properly. Websites, just like any other technology device you use, must be updated and maintained to avoid being hijacked.

2019 HIPAA Updates

As we start this new year, we must reflect on what we have learned from 2018 in order to make 2019 a success. The Office for Civil Rights (OCR) has gained momentum in enforcing against HIPAA violations. With that said, HIPAA is an ongoing process and once is not enough. It is not considered done unless it is documented.

Do you have all of your HIPAA training documented?

What do you know about HIPAA enforcement? Just imagine you were investigated by CMS or the OCR; what would they find? How confident are you in your medical and/or HIPAA documentation? Do you have the appropriate documentation to protect your organization? The Office for Civil Rights (OCR) is very serious about ensuring your organization is educating […]

Data breaches of 2018

We hear on the news about data breaches almost daily. Some are credit card theft, some involve our personal information being sold, and then there are medical data breaches. These are extremely worrisome, as this is where identity theft can start. The medical community is a major target for that very reason: medical records are the main source […]

Spoofing, Phishing, and how to avoid getting caught in the middle

After attending the Office for Civil Rights (OCR) annual webcast, many things were confirmed that we thought may have been rumors. First of all, medical offices are targets of hacking because you hold everything needed for identity theft. What is identity theft? Most people think of it as their credit card being stolen, or even […]

Passwords – why you need to change them and not reuse previous ones!

Just as the eyes are the window to our soul, passwords are the gateway to our innermost secrets. Passwords are used to gain access to YOUR information, but what happens when your passwords are responsible for other people’s information? Did you know that by having your email hacked, you could potentially expose not […]

Cost of cyber attacks on healthcare are steadily rising

Why are so many medical offices being attacked? Simple: this is a one-stop shop for everything needed for identity theft, and many medical practices do not have appropriate safeguards in place. Business associates have even been the target or the entry point. HIPAA requires certain security safeguards to be in place to ensure the safety and security of Protected Health Information (PHI).

Software Patches and Updates – Why they are so important.

Whether you work in a medical office or are a business associate, you rely heavily on the software you use for patient care. The reason software developers send out periodic updates is that, more than likely, a vulnerability has been discovered and the “patch” or “update” will mitigate the issue. Vulnerabilities come in a […]

Workstation Security

HIPAA Compliance is about more than just a patient’s right to access their information. Although the HIPAA Privacy Rule is how most of this began, it is so much more now! The HIPAA Security Rule outlines administrative, physical, and technical safeguards. Most organizations are so busy trying to figure out how to protect themselves […]

State law data breach notification updates

All 50 states now have a separate privacy law. South Dakota and Alabama are the final two states to enact data breach notification laws. Other states, like North Carolina, are proposing to update their requirements to allow only 15 days to notify in the event of a data breach. Although medical practices must adhere to […]

General Data Protection Regulation: What does this mean to the US

By Aris Medical Solutions

You may have already heard about the GDPR (General Data Protection Regulation) from the EU (European Union) that will affect many organizations here in the United States. Our personal information has been sold for years, sometimes with and sometimes without our knowledge. Many organizations require a person to “accept” […]

How well do you trust your compliance efforts?

By Aris Medical Solutions

HIPAA encompasses many aspects. Risk assessments, risk management, and your policies, procedures, and documentation are the backbone of compliance. Most medical providers don’t think about compliance until they are audited. By that time, it is too late to mitigate any issues that you may have. The main misconception is that “it […]

Do HIPAA Fines go away when a practice or business closes?

By Aris Medical Solutions

Many medical practices and business associates have the misconception that if they are fined, they can simply close their doors and not be obligated to pay the fines or penalties. We have been asked many times if this will work. The Office for Civil Rights (OCR) has answered this haunting question. […]

Updating your Contingency Plan

By Aris Medical Solutions

Contingency Planning is more than just a power outage or how to backup and restore your data. A complete plan should include different types of scenarios that could happen in your area. For those involved in Healthcare, creating a contingency plan is not optional. Should you have a disaster and […]

Healthcare Cyber Attacks went up almost 90% in 2017

By Aris Medical Solutions

There were 132 reported breaches under investigation from Health and Human Services’ (HHS) Office for Civil Rights (OCR) in 2017 related to Hacking/IT Incident. As you review the report you can see how many were related to email and desktop computers. So how does this happen? More than likely it […]

Two factor vs Two Step Authentications

By Aris Medical Solutions

Sometimes these terms are used interchangeably, which is not exactly correct. Let us explain the difference! Two factor authentication is typically a username AND a password. This can also be explained as who you are and something you know. Two step is using two different types of authentication like a username […]

MIPS, MACRA, and Risk Assessments

By Aris Medical Solutions

MIPS (Merit-based Incentive Payment System) and MACRA (Medicare Access and CHIP Reauthorization Act) are designed to create better patient outcomes and reward those providers that accurately document the progress of their patients. This all sounds great, but it takes additional time until this new workflow is established. This is very […]

Why should I try to secure my data?

By Aris Medical Solutions

With all of the large data breaches making the news, many smaller organizations think, why bother? If the large companies can’t keep their data safe, there is no way I can. Keep in mind, large organizations are a huge target and their data is sought after on a grander scale. […]

Mobile Devices in Healthcare

By Aris Medical Solutions

(Taken from OCR Cybersecurity Newsletter 10/31/17 – Mobile Devices in Healthcare)

Mobile devices, including cellphones, tablets, and laptops, are increasingly ubiquitous in many work environments – including healthcare organizations. The use of mobile devices in the workplace can be convenient and productive, but organizations should realize the risks associated with […]

Office for Civil Rights (OCR) Self Reporting – Should you do it?

By Aris Medical Solutions

If you have a minor breach (under 500 records) you are required to self-report this breach within 60 days after the end of the calendar year in which the disclosure occurred. If you report it, you run the risk of being investigated. So many times I hear organizations […]
©2022 Aris Medical Solutions – HIPAA Risk Management | HIPAA Compliance Consultants | All Rights Reserved