Welcome to the QI Express Security and Privacy Blog
Your No. 1 Guide to Healthcare Regulatory Compliance
Last fall, CMS released new emergency preparedness rules. In total, there are 17 types of organizations that must comply by November 15.
Over the weekend a disturbing story emerged that highlighted the horror that can be caused by a poor understanding of HIPAA. A young woman in Flint, Michigan opened fire on family members. A hospital, which had recently treated the woman for mental illness,...
Three steps you should immediately take to prevent your organization from falling victim to a cyber attack like WannaCry.
Using out-of-date software, or software that is no longer supported by the manufacturer, poses a risk to PHI and increases vulnerabilities in healthcare
Ransomware attacks can be prevented with a multi-faceted approach – it’s a combination of high-tech and low-tech solutions.
Implementing policies and procedures can be a time-consuming process. Here is a step-by-step approach to help guide your efforts.
Last week a $400,000 HIPAA settlement with Metro Community Provider Network (“MCPN”), a Federally Qualified Health Center (“FQHC”) in Colorado, was announced
A great way to ensure staff are only accessing the minimum amount of PHI necessary to do their job is to implement role-based access control.
The FBI announced last week that cyber criminals are targeting the medical and dental industries through FTP services operated in “anonymous” mode.
The threat of “Ransomware” has been growing at an enormous rate over the last few years. Many experts believe it to be one of the major income streams for organized cybercrime. Of all the target areas for Ransomware, healthcare is one of the most profitable. This trend will only increase as new attack software has far outstripped the industry’s response.
There are several software solutions to guide your project and allow you to focus on only what you really need to do. This can make being HIPAA compliant a cost-effective and potentially revenue-enhancing initiative.
Here are the most important things to keep in mind to help you provide highly secure password protection. Strong passwords should be required, changed frequently, and kept secure in all instances.
Determining HIPAA compliance is a constantly moving target. When were you compliant and who decided you were compliant?
A significant number of organizations in the healthcare industry, both covered entities and business associates, are leveraging cloud-based solutions to store protected health information (“PHI”). However, there are some important things to keep in mind before storing PHI in the cloud.
No one likes to think about it, but malicious attacks by an insider are the cause of a significant number of healthcare data breaches. While they may be some of the hardest attacks to guard against, they are preventable.