September 15, 2017

CMS May Want Their Money Back

The old adage, "Money can make you do crazy things," can easily be applied to both our personal and business lives. Within the healthcare industry, HITECH incentive payments were offered by the U.S. government several years ago to implement electronic health record (EHR) systems at hospitals and other healthcare organizations. In order to qualify for these incentive payments, healthcare organizations were required to carry out regular security risk assessments to show they were meeting the HIPAA Security Rule requirements. While a large number of healthcare organizations properly followed the rules and carried out the security risk assessment required, a select number received the incentives without doing so.

Continue reading >

Topics: Electronic Health Records

September 01, 2017

Are Your Medical Devices Secure?

If your hospital or clinic uses a Windows 7-based version of a Siemens PET/CT or SPECT system, it could be vulnerable to attack by a relatively low-skill hacker, according to a July 26 security advisory from the company.

Continue reading >

Topics: Electronic Health Records

May 19, 2017

Lessons Learned From the WannaCry Ransomware Attack

Last week, the WannaCry ransomware attack hit over 150 countries and infected tens of thousands of systems worldwide. Among those victimized were England’s National Health Service, automobile manufacturers, and government systems. The worm’s ominous red ransom screen, informing the user that all files have been encrypted, was found on only on users’ desktops, but also on ATM screens, parking meters, digital billboards, and industrial control systems.

Continue reading >

Topics: Electronic Health Records

January 27, 2017

HFMA Mid-South Institute 2017 Highlights

We’re gearing up for what’s in store in the healthcare arena in 2017 by attending HFMA’s Mid-South Institute. Attendees from Missouri, Arkansas, Mississippi, and Tennessee have gathered to learn of updates in healthcare and how to embrace for the year ahead. Here are a couple of themes that were reinforced during the conference:

Continue reading >

Topics: Electronic Health Records

October 06, 2016

Hacking Healthcare: How to Offensively Protect Healthcare Systems

This commentary originally appeared September 20 on the HORNE Cyber Blog.

A breach of a healthcare provider can have a serious impact, both in terms of financial loss and patient confidence. HIPAA violations can involve fines of up to $50,000 per patient record, and in many cases, attackers are able to access all of a provider’s patient records.

Continue reading >

Topics: Electronic Health Records

September 01, 2016

Where is Your Data? Why Performing a Data Inventory is Integral in the Digital Age

There’s no denying it—healthcare data has gone digital. The days of paper health records are fast disappearing, and if the Centers for Medicare & Medicaid Services have their way, we won’t be going back. CMS has built meaningful use of electronic health records into its plans for a number of years, and the healthcare industry is responding.

Continue reading >

Topics: Electronic Health Records, Healthcare Data

August 11, 2016

Is Paying the Hacker Your Only Defense?

Recently, I received a call from a close friend who wanted advice because his small company had been the victim of a ransomware attack. A hacker had locked the company out of all significant business applications, compromised all the backups, and wanted $250 in the form of Bitcoins to unlock the system. The IT manager tried to restore the systems without paying and without success.

Continue reading >

Topics: Electronic Health Records, Healthcare Data

June 28, 2016

10 Takeaways from the AHLA Annual Meeting

One of our favorite sessions at the AHLA Annual Meeting is the Year-in-Review by Jack Schroeder and Elizabeth Carder-Thompson. It is a great way to get caught up on a year’s worth of activity in health law in 120 minutes. Out of the volumes of information Jack and Elizabeth read to summarize for conference attendees, we found 10 pieces of information that were particularly interesting for our practice in these days of constant and rapid change. We felt these would be worth sharing:

Continue reading >

Topics: Electronic Health Records, Hospital Acquisition

October 08, 2015

Don't Forget Phone Security

If I had to guess, I’d say you are reading this on your iPhone, iPad, Galaxy or some other mobile device. I’m not clairvoyant; research shows more than half of all emails are opened on mobile devices. It’s likely that if you use tablets or smart phones, you use them in almost every facet of your life from communicating with your friends, family members and work associates to helping with homework, paying bills and working from home. Fortunately, the security built into the systems is generally adequate for most of your personal needs. 

Continue reading >

Topics: Electronic Health Records

August 20, 2015

5 Tips for Managing HIPAA Business Associate Risks

Recently, thousands of medical transcripts detailing the medical histories of children and adults, as well as notes made by doctors and psychiatrists, were publicly listed on an Internet search engine. Without proper encryption, confidential and extremely personal information was exposed to anyone who wanted to access it.

Continue reading >

Topics: Electronic Health Records

April 23, 2015

A Robust Technology Strategy is Essential

It’s a sign of the times – Dr. Phil McGraw attended this year’s Consumer Electronics Show to pitch his new app “Doctor on Demand.” His app allows a patient with a smart phone or tablet to access a board-certified doctor or psychologist for about the cost of an office visit co-pay. DOD has 1,400 physicians and 300 psychologists in its network.

Continue reading >

Topics: Electronic Health Records

RELATED POSTS