More and more SMBs are migrating to the cloud and that is not a surprise considering the numerous benefits the cloud can offer them. For a SMB, the cloud is a cost efficient and secure answer to their growing data needs and IT security requirements. The cloud grows with them and lets them scale their business without worrying about a corresponding rise in IT costs. Plus, with the cloud, the important aspects of security and backups are mostly taken care of by the cloud service provider. And then, there’s the convenience of any-time-anywhere data access. With all these benefits that the cloud brings, what’s there to think about before signing up with a cloud service provider? While are a lot of benefits of storing your data on the cloud, but your data is still yours, so there are a few things you need to know and be comfortable with before you jump onto the cloud.
So you know you are regulated by HIPAA. But in a broad sense, what must your organization do to be in compliance? First and foremost, you need to understand what HIPAA and the HITECH Act are regulating. HIPAA and the HITECH Act are regulating and enforcing the security of an individual patient’s health information. The specific information being regulated is known as Protected Health Information (PHI), also known sometimes as Individually Identifiable Health Information (IIHI), and its subset, electronic Protected Health Information (ePHI). ePHI is simply PHI stored, maintained, etc. in digital form. These are defined as any data that can individually identify a patient. That means anything that can reasonably ID a patient. Examples include SSN, medical ID, age, vmail, URLs, driver’s license number, license plate numbers, photos, names of relatives, identified test results, telephone numbers, email and postal addresses, and medical images. As can be seen, this sweeps a large swath of data under the umbrella of protected information.
You deal with HIPAA every time you visit a medical office. But what is this law that seems to constantly appear anytime you get near a healthcare provider? HIPAA is the acronym for The Health Insurance Portability and Accountability Act of 1996. Aside from allowing for portability of health insurance for the individual, the laws main reason for being is to ensure the protection and privacy of an individual’s medical data. HIPAA strictly regulates the security of medical data, and holds anyone who possesses or touches it in any way liable for any data breach that occurs. HIPAA (1996) and its younger cousin, the HITECH Act of 2006 strictly regulate and monitor the security of all individual medical data in the U.S.
For most of us, HIPAA is just some strange acronym for a law we stumble across everytime we visit a doctor’s office or medical clinic. Something about signing to allow the office to have access to your medical records so they can treat you. Or something like that. However, if your business has a professional relationship with a medical office, hospital, healthcare provider or health insurance plan, you may well be regulated by HIPAA. This matters because failing to abide by HIPAA privacy regulations can result in serious penalties. Just as an example, check out these dollar figures from HHS, who administers HIPAA.
You have probably come across the term multi-factor authentication of late. It is an IT buzzword today and is fast becoming one of the best practices of cybersecurity. So, what is multi-factor authentication, exactly? Read this blog to find out.
No doubt, having an MSP to manage the IT requirements of your dental practice offers multiple benefits. But, be sure to consider the following before you sign up with one.
In our last blog, we discussed 2 of the 5 important IT checklists that every SMB should have. In this post, we cover the other 3, namely, IT training, Data Backup, and BYOD checklists.
We hear routinely in the news that a major corporation or government agency has had its data integrity compromised, with millions of pieces of personal data accessed. In these cases the criminals behind the attack hope to get money by selling that data to other criminals. In the case of ransomware, the criminals want your money, and try to get it by holding your data hostage. Plain, old fashioned kidnapping with a hi-tech spin.
What can you do to avoid falling victim?
Bring Your Own Device, or BYOD, to work was an idea a few years ago that is becoming a reality very fast. To use your personal smartphone, tablet or laptop for work seems increasingly natural. Employees are embracing this concept without any serious reservations. As more and more business activity becomes technology driven, to have electronic gadgets right by your side all the time make sense. According to a survey conducted by Logicalis about 75% of employees in high growth markets such as Brazil and Russia and 44% in developed markets bring their own devices to work.
BYOD refers to a firm’s policy of allowing employees to use their own personal phones, tablets and laptops for all their work applications.This is a pretty common policy, and it has many benefits, but it brings along risks. How are you addressing these risks?
8306 Wilshire Blvd., #301
Beverly Hills, CA 90211
P: (310) 853-8006