policies and procedures Archives

Suze Shaffer June 1, 2017February 1, 2024

By Aris Medical Solutions

Nearly everyone has received a phishing email at one time or another. It seems like every time a celebrity makes the news, scammers are sending emails, and creating fake sites to steal your information. They prey on our interests and they know that many people are interested in learning what “really” happened. Remember the old saying “curiosity killed the cat”, well this may not kill you but it could make your life miserable and cost you a lot of money! They can install malware on your computer and depending on the type of malware, it could also do some very nasty things!

Here are some helpful hints:

Never use work computers to surf the web, especially do not go to websites that you are unfamiliar with. If you do not follow the policies and procedures of your organization, YOU personally could be held liable for any breaches or theft of information.
Never click on links in an email offering “important” or requires an “urgent” response. Instead open your browser and go to the website you are familiar with.
Never click on email attachments that offer “important” or “urgent” information.
Never click on links within social media.
Make sure you have enterprise versions of anti-virus and anti-malware software and they are up to date.
Implement a two step process before authorizing any exchange of money and anywhere it is offered.
Continual education!

For more information on how Aris Medical Solutions can help your organization with HIPAA Compliance and Protecting your Data call 877.659.2467 or click here to contact us.

“Protecting Organizations through Partnership, Education, and Support”

Suze Shaffer May 1, 2017February 1, 2024

By Aris Medical Solutions

Health care organizations are now a primary target since they are the custodians of patient data and a plethora of information. The reason patient information is sought after so much is because it can be sold on the black market for a decent price. Social Security Numbers also have a longer shelf life unlike credit card numbers. Therefore it is imperative that any company or person that is involved with healthcare data do what they can to protect their computers and/or network.

Criminals are diligent in trying to gain access to these valuable databases. They can get into your network through social engineering, malware, and mobile devices to name a few. Sadly, most attacks go undetected for months, sometimes even a year unless it is ransomware when you are “notified” immediately!

Under the Security Rule, all entities that work with Protected Health Information are required to conduct a Risk Analysis to uncover any potential vulnerabilities. Then they must create a Risk Management plan to correct those deficiencies. Although most of the “technical” standards are addressable and not required, this does not mean optional. All covered entities and business associates must have reasonable and appropriate safeguards in place to protect their data. Aside from your normal IT services, we believe it will only be a matter of time before network security audits will become mandatory. Keep in mind your Policies and Procedures are still the backbone of HIPAA Compliance.

So what can you do to protect your data and your organization?

Conduct a security risk analysis
Mitigate the vulnerabilities that are discovered
Request a third party network security audit
Request documentation that your business associates are HIPAA Compliant
Continual EDUCATION!

These are just some of the basics that you should implement. For more information on how Aris Medical Solutions can help your organization with HIPAA Compliance and Protecting your Data call 877.659.2467 or click here to contact us.

“Protecting Organizations through Partnership, Education, and Support”

Tag: policies and procedures

Phishing Scams are hitting everyone!

By Aris Medical Solutions