DynA-Crypt Ransomware is worse than the others!

 

By Aris Medical Solutions

 

Karsten Hahn, a malware analyst at G DATA, discovered the ransomware called DynA-Crypt, and Larry Abrams at BleepingComputer alerted the world to this new type of ransomware. Thanks to them, we know about it and must be diligent in protecting our information.

This new strain is even more dangerous and destructive than the others. This malware not only encrypts your data, but also takes screenshots of your active desktop, logs the commands that you type, and even records system sounds from your computer. It will even steal information from Skype and Chrome. While this vicious attack is encrypting your computer and stealing your information, it is also deleting your files.

This would be considered a major HIPAA data breach. Not only will you lose everything, you will also have to report this to your State and Federal authorities under the Breach Notification Laws.

Make sure your anti-virus and anti-malware software is up to date and verify it is an enterprise version. Although this is not specifically stated under HIPAA, it is considered reasonable and appropriate. If you never have this happen to you, the HIPAA Police are not going to penalize you. However, if this does affect your practice or organization and you do not have reasonable and appropriate safeguards in place, you will be fined and penalized.

Everyone in your organization should be made aware of this new attack and reminded NOT to open any file attachments OR click on any links in ANY email unless they are absolutely sure it is safe. Best practice is to open your browser and go directly to the company’s website to check on anything you receive in an email. Also be VERY careful trusting emails from friends. If YOUR email is hacked, they will spoof a name in your contact list and send an email back to YOU. They hope that since you know this person you will open the email. If you receive an email that asks you to click on a link or open a file, look carefully at the FULL email address; more than likely it is NOT your friend’s email address. Keep in mind, it still could come from their actual email address. Always call or text them and ask if they sent this to you.

For more information on how Aris Medical Solutions can help your organization with HIPAA Compliance and Protecting Patient Data call 877.659.2467 or click here to contact us.

“Protecting Organizations through Partnership, Education, and Support”

Storing Patient Records

 

By Aris Medical Solutions

 

Since most medical practices are going electronic, it may be time to free up some of that precious space in your office. Make sure that when, how, and where you decide to store your data is secure.

Some practices move excess patient charts to a self-storage unit. It’s cheap, and if you have a patient chart inventory list you should be safe… right?
What happens if the facility burns down?
What if someone breaks in and it is not discovered for months?
What if you don’t have an inventory list of which records are in there?

  • Did you know that PHI is considered PHI until after a person has been deceased for 50 years? That means even if the person isn’t alive, it is still a reportable breach!
  • Did you know that if you can’t determine if ANY records or WHICH records were stolen, you would have to report all of them?

Self-storage units may sound like a good deal. That good deal could cost you more in the end. If the unit burns or if it is vandalized, you could be charged with willful neglect for NOT securing the records. Not to mention, you may be required to report this as a data breach, which could cost you nearly $350.00 per record! Are you willing to accept that risk? After all, the OCR doesn’t specifically state what is or is not HIPAA compliant. If you suffer a data breach, THEN they will determine if you had reasonable and appropriate safeguards in place.

Now I will ask you: wouldn’t it make sense to spend about the same amount of money and have a professional company store your records? That’s right; for about $50.00 per month you can store approximately 100 boxes of records! Of course, pricing will depend on your location and how many you need to store. When organizing the records, we suggest sorting them by year and alphabetizing them. This makes it much easier when the time comes to destroy them!

If you need assistance with a Risk Analysis, Risk Management Plan, or implementing a full set of HIPAA Policies and Procedures, call Aris at 877.659.2467 or click here to schedule a demo. We offer a full range of services from a Do-It-Yourself HIPAA program to a Full HIPAA Implementation package.

