HIPAA

Universal Health Systems was hit with a ransomware attach this week. Their servers began to fail over the weekend and Hospitals across the country completely lost access to their EHR systems. As a result of this attack many facilities were forced to go to pen and paper for medical record keeping. In many locations the nursing staff did not have access to medication lists and had no way ok knowing which medications patients needed, how much to dose, or even who needed medications.

in order to be HIPAA Compliant, you must maintain a "Culture of Compliance" at your office. This can include keeping your software up-to-date, regular required training and addressing risks that pose to your office. This month we address HIPAA training, encrypting your drives and Business Associate Agreements

Very often we have companies that provide us with computer hardware and software support can access our computer systems. The question is how secure are our trusted partners? In this case an Orthopedic Clinic did not properly manage access to their network and it cost them $1.5 million.

Have you encrypted your laptops? No? You should probably start thinking about getting those devices encrypted.