Strategies to Ensure HIPAA Compliance

New Health Care Rule Goes Into Effect October 1st (Minus The Penalty)

With new HIPAA regulations going into effect on September 23rd, and the Affordable Care Act, or “Obamacare,” beginning its official rollout on October 1st, the health-care landscape has never looked more confusing. Two recent polls from the Pew Research Center/USA Today and the Wall Street Journal/NBC News bear that fact out.

Continue Reading…

Understanding How New HIPAA Compliancy Rules Apply to Your Business

Sweeping changes have recently transformed the American health care landscape, forcing many small and medium-sized businesses (SMBs) to scramble to keep up. While the Affordable Care Act, or “Obamacare,” dominates the news cycle, other new regulations like the Omnibus Rule, which amends HIPAA (Health Insurance Portability and Accountability Act of 1996), promise to present even greater challenges for the SMB community.

Continue Reading…

Quickly Prevent Unauthorized Use of Your Computer

In past, we’ve discussed how the human element is one of the weakest links in IT security. That’s why social engineering is such a well-used tool for hackers. Training and diligence are important safeguards against such external threats, but what about security holes within the walls of your office?

How many times per day do you step away from your computer without logging out or locking the screen? If your answer is more than “zero,” then you may be exposing your network and data to threats. If you leave your computer logged on and unattended, any person that sits down in front of it has access to all of the things you do such as your email, server permissions, and more.

Furthermore, a breach doesn’t necessarily require ill intent on the part of an employee. Perhaps you’ve left financials or client records open on your computer while you went to refill your coffee. An employee doing something as benign as delivering papers to your desk might see the information on your screen and, if your business is subject to privacy laws like HIPAA or FINRA, that could constitute a breach.

Continue Reading…

HHS Gets Serious About Civil Monetary Penalties for HIPAA Violations

Until recently, the nearly decade-old regulations implementing the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) carried little bite. Even after the passage of the Health Information Technology for Economic and Clinical Health Act (“HITECH”) in 2009, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) had done little in the way of enforcement actions. All of that changed in February of 2011, when the OCR significantly ramped up its enforcement of HIPAA. The OCR imposed the first civil monetary penalty for a HIPAA violation – a whopping $4.3 million – since the enactment of HIPAA and entered into a $1 million settlement with another provider for an alleged HIPAA violation.

Continue Reading…

Why should you care about HIPAA?

You shouldn’t, unless you are somehow linked to the healthcare industry. And then if you don’t, it could cost you up to $100,000 or 5 years in prison, depending on the severity of the violation.

Have you ever stood in line at a pharmacy at Costco or Walgreen’s, and had your name called out loud? Or, when visiting a doctor’s office, filled out a sign-in sheet with other names before yours? When a curious nurse at UCLA looks through Angelina Jolie’s charts, and decides to sell the information to a tabloid, he should be making vacation plans to the Federal jail, not Hawaii! According to HIPAA, these are violations.

Continue Reading…

Is there a gaping hole in your data security?

While you’re busy making sure your business data is safe by encrypting your wireless network, sending e-mails over a secure connection, using a business-class firewall and storing your backups in a highly secure remote location, what are the chances that you’re still putting your information at risk?

Continue Reading…

The Data Trove Hidden In Your Copier

While you’re busy making sure your data is safe by encrypting your wireless network, sending emails over a secure connection, and storing your backups in a highly secured remote location, what are the chances that you’re still putting your information at risk?

It turns out that nearly every digital copier made since 2002 stores scans of every image they copy on an internal flash or hard drive. These hard drives don’t have an endless amount of memory, so over time they’ll overwrite old files with new ones. But still, the fact remains that if you’ve recently copied confidential company documents, images of those documents are living inside your copier. And that means they’re available to anybody who buys your used copier through a warehouse or reseller that hasn’t bothered to wipe your drive.

Continue Reading…

The Invisible Part-time Employee

Technology is a funny thing. It’s like a living, breathing organism with a mind of its own. When created and implemented correctly, it does what you expect it to do – serve you! It’s the invisible employee you never interviewed who stays in the office 24X7, hands you your emails in the morning, prints out the bid from last year that you thought you had lost, and puts your documents away neatly in files and folders. At the end of the day, it takes a look at all the changes you and your staff made to the hundreds of documents during the day and saves the changes to a secure location so that in case of accidental data loss, your critical information can be quickly retrieved without any effort on your part.  And all this is done at the cost of hiring a “part-time” employee who will not whine about a bonus, complain about the a/c setting, or take endless coffee breaks.

Continue Reading…