Posts

watching eye

So you know you are regulated by HIPAA. But in a broad sense, what must your organization do to be in compliance? First and foremost, you need to understand what HIPAA and the HITECH Act are regulating. HIPAA and the HITECH Act are regulating and enforcing the security of an individual patient’s health information. The specific information being regulated is known as Protected Health Information (PHI), also known sometimes as Individually Identifiable Health Information (IIHI), and its subset, electronic Protected Health Information (ePHI). ePHI is simply PHI stored, maintained, etc. in digital form. These are defined as any data that can individually identify a patient. That means anything that can reasonably ID a patient. Examples include SSN, medical ID, age, vmail, URLs, driver’s license number, license plate numbers, photos, names of relatives, identified test results, telephone numbers, email and postal addresses, and medical images. As can be seen, this sweeps a large swath of data under the umbrella of protected information.
Read more

hippa fines

For most of us, HIPAA is just some strange acronym for a law we stumble across everytime we visit a doctor’s office or medical clinic. Something about signing to allow the office to have access to your medical records so they can treat you. Or something like that. However, if your business has a professional relationship with a medical office, hospital, healthcare provider or health insurance plan, you may well be regulated by HIPAA. This matters because failing to abide by HIPAA privacy regulations can result in serious penalties. Just as an example, check out these dollar figures from HHS, who administers HIPAA.

Read more

hacker laptop

The dark web is essentially a marketplace for cyber criminals. If your data has been compromised, the dark web is the place where it is traded. It could be sold by miscreants, to miscreants, who can later hack into your system or extort money from you to prevent a data leak and so on.

Read more

medical dental support

No doubt, having an MSP to manage the IT requirements of your dental practice offers multiple benefits. But, be sure to consider the following before you sign up with one.

Read more

emails laptop

Whether you have your in-house IT team, or have outsourced your IT needs to be taken care of by a Managed Services Provider, you need to know what are the possible risks to your business from the IT perspective. Having an IT risk checklist can help you be better prepared for an IT emergency.

Read more

4 ways to protect your data

When you look at all the ways that your data can be placed at risk, it can be pretty discouraging. As discussed in our last two blogs, data is at risk from bad actors, failed hardware, human error and external events largely beyond anyone’s control. However, there are a range of solutions, some of which can be money-saving, that can help mitigate risk. Here are four key areas on which to focus.

Read more

data risk hardware software and the threats around us

Aside from human error and the work of bad actors, our data faces others risks. In particular, the failure of your hardware and software to protect as designed, and the numerous external threats that exist, largely beyond anyone’s control.

Read more

threats to data beyond cybercrime the human factor

With the news cycle dominated by data that has been stolen by cybercriminals, it is easier to overlook the other, sometimes benign ways your data may be placed at risk and become inaccessible to your employees and customers.

Read more

ransomware and disaster recovery plans

Disaster recovery is a basic element of good business continuity planning. Business continuity planning refers to the broad range of plans created so that a business–that includes veterinary practices–can continue to be operational no matter what negative event might occur. Business continuity planning addresses severe, catastrophic events, loss of the lead doctor, director, or other principals in the organization, severe natural disasters that incapacitate a physical location, etc. Disaster recovery planning is one piece of this broad planning. Specifically, disaster recovery plans refer to how to quickly recover from some event that compromises your IT infrastructure.

Read more

user laptop ransomware

We hear routinely in the news that a major corporation or government agency has had its data integrity compromised, with millions of pieces of personal data accessed. In these cases the criminals behind the attack hope to get money by selling that data to other criminals. In the case of ransomware, the criminals want your money, and try to get it by holding your data hostage. Plain, old fashioned kidnapping with a hi-tech spin.

What can you do to avoid falling victim?

Read more