While the nation was shut down and people were suffering, hackers were busy at work. It is coming to light how many organizations have had a data breach and have been hit with ransomware. Now more than ever all organizations...

First, it is required under HIPAA that medical organizations and business associates ensure the confidentiality, integrity, and availability of ePHI. Part of a HIPAA compliance program requires an entity to conduct a HIPAA risk analysis to determine where ePHI is...

We find this difficult to talk about especially during these trying times. However, we feel it is important for all practices to know that HIPAA violations and fines have not disappeared during this pandemic. Investigations take a long time and...

By Suze Shaffer July 15, 2020 The Office for Civil Rights (OCR) back in March relaxed it’s enforcement for non-compliance with regards to telemedicine. They permitted the use of audio/video communication applications such as Facetime, Google hangouts, Zoom, and Skype...

By Suze Shaffer March 15, 2020 We all have been annoyed at one time or another when we arrive at a counter or a place of business and the person is on their cell phone and we are ignored. Of...

By Suze Shaffer February 15, 2020 Many covered entities struggle to understand what is “right of access” for individuals. Under HIPAA and the Omnibus Rule, a patient has the “right” to request a copy of their medical record in the...

By Suze Shaffer January 15, 2020 Hindsight is always 2020, as we begin this new year, let’s try to make that a current sight! By now, those of you who have been using Windows 7 computers and 2008 Servers have...

By Suze Shaffer Like we don’t have enough to worry about, now this! Security researchers are saying this new technique is effective even against systems that are patched and run anti-virus scans. This process allows ransomware to encrypt files on...

By Suze Shaffer When designing your website we all think it’s a great idea to “share” who are team is. Although, it is necessary in healthcare because patients want to see who your staff is and get to know them,...

By: Aris Medical Solutions We all hope that we do not fall victim to ransomware, but we need to do more than just hope. All businesses, especially healthcare must have a contingency plan that includes data recovery in the event...

We really don’t want to scare organizations, but this is a real problem and we feel this must be disclosed. A data breach costs an organization on many different levels. The cost of notification, credit monitoring, remediation, then comes fines...

We are always talking about HIPAA compliance because that is what we do! Sadly many practices think just having a patient sign they received your Notice of Privacy Practices is all that is needed. There is so much more to...

When we discuss IT security, we generally think of a company that maintains our computer network. That is partially true, but that is just the beginning. There is a difference between maintaining your network and securing it. There are a...

It is important for all businesses to review what they have in their employee handbook. If you do not have one, it is imperative that you create one immediately. Employees have rights under certain laws. You could have misinformation that...

  In the news nearly daily there is talk about a data breach, a hacking incident, or a cyber crime. Most practices do not think about this until it happens to them, unfortunately it could be devastating. Most experts now...

When we conduct HIPAA training most employees are discouraged when we tell them not to surf the web on work computers. There is a very good reason for this… malicious code can be found on websites that have not been...

As we start this new year we must reflect what we have learned from 2018 in order to make 2019 a success. The Office for Civil Rights (OCR) has gained momentum in enforcing HIPAA violations. With that said HIPAA is...