Easy is Usually Not Secure

in HIPAA Headlines by John Brewer Leave a comment

I’m really going to talk about Dropbox and the recent security issue they had, but before that I want to illustrate something. When I speak with medical offices about reducing the risk of a PHI breach I generally hear lots of frustration on the other side. I get it. Let’s look at this from a Read More

Social Engineering

in HIPAA Headlines by John Brewer Leave a comment

Most computer infections, network break-ins and “hack” jobs are accomplished using a thing called Social Engineering. The Collins English Dictionary defines Social Engineering as: the manipulation of the social position and function of individuals in order to manage change in a society. I define social engineering as: tricking people to get them to do what Read More

But Our Laptops Never Leave the Office

in HIPAA Headlines by John Brewer Leave a comment

This is a common response when I ask if a practice has encrypted their laptops. Horizon BCBS is a glaring example of why this does not matter. Horizon had some laptops that were just password protected, not encrypted. NOTE: password protection is simple to break – generally can be done in under 5 minutes, whereas Read More

e-Prescribe Deadline Looms

in HIPAA Headlines by John Brewer Leave a comment

In case you have gotten a bit confused by all of the cliff-dwelling deadlines, here is a reminder for one of them: June 30 Deadline June 30, 2013 (yes the end of this month) any provider who submits Medicare Part B Fee for Service (FFS) claims.  Act now to ensure that you avoid the 2.0% Read More

The End of Innocence?

in HIPAA Headlines by John Brewer Leave a comment

The MED in Memphis, which is a the regional medical center in Memphis, TN is notifying 1,200 patients of a PHI breach. This breach is has been classified as an “innocent employee mistake“, in which 3 un-secure emails were sent with attachments that contain PHI. This goes right to my email soap box speech. I Read More