Blog

Concerned about ransomware attacks? You should be. With over 66 percent of healthcare organizations reporting they experienced a ransomware attack in 2021, proactively protecting your patients’ data has never been more critical.  

Performing a regular Security Risk Assessment (SRA) will help an organization ensure it is compliant with HIPAA’s administrative, physical, and technical safeguards. A risk assessment also helps practices discover areas where protected health information (PHI) could be at risk. To learn more about the assessment process and how it can benefit your organization, we recommend visiting the Office for Civil Rights' official guidance.

Last week, health plan provider Centene disclosed that they had lost track of six hard drives containing the private information of roughly 950,000 individuals.  These records contained details such as names, addresses, dates of birth, member ID numbers, private health information (PHI), and Social Security Numbers. Luckily (if you can call it that), at least they did not contain any financial or payment details. According to the disclosure from Centene, the missing hard drives contained about six years worth of research data (2009-2015) and “were a part of a data project using laboratory results to improve the health outcomes of [their] members.” 

Welcome to the second half of our brief blog series on the dangers of fake apps and rogue security software.  In Part 1, we took a look at fake apps.  Among those discussed was the infamous Virus Shield, a fake mobile antivirus app that did not actually do anything.  However, those who downloaded the fake app may want to consider themselves lucky that it didn’t.  Had it been a rogue security software loaded with a virus (or worse), as we will show in this second installment, their situations could have been far more troublesome.  In fact, a 2010 study by Google found that 15% of all malware is downloaded due to rogue or fake antivirus software.

Security breaches are likely to be at the forefront of your concerns when it comes to managing your practice. Still, you may not be doing everything in your power to avoid them. Take a look at these helpful tips for managing your practice's security.

Now that you’ve had some time to weigh the pros and cons of adopting BYOD, it is time to start working up an adoption plan. For any workplace, this requires researching and investing in certain mobile security tools. It also means addressing a number of key infrastructure and staff issues. Those in the healthcare industry must consider issues such as maintaining devices and network security, just as any other workplace would. However, those in healthcare have additional components they must take into consideration when it comes to BYOD—HIPAA compliance and securing Protected Health Information (PHI). As already mentioned in Part 1, HIPAA violations and PHI breaches can be extremely costly.

The last two decades have seen an unprecedented rise in technology both at home and in the workplace. This transition has affected all aspects of our lives, both public and private, and physicians practices are no exception to this statement. While advances in technology have largely been positive for the world of medicine, it's impossible to ignore the fact that a host of new security concerns have come along with this rise in user-friendly systems. When determining which EMR software best suits the needs of your practice, it's important to consider the specific situations and security concerns that your clinic or office will undergo on a daily basis. With that in mind, take a look at some of the most common security concerns affecting doctors' offices today: