The BYOD Party

Posted by on May 25, 2012 in HIPAA Headlines | 0 comments

Bring Your Own Device (BYOD) to work is all the rage these days. Why? 3 words: Smart Phone, Tablet Smart phones cracked the BYOD barrier not necessarily as a work device, but as a way for someone to stay more connected to the outside world while at work.  As more applications appear, more can be done on a smart phone – Eprocrates seems to be the application I see most at a medical office, but this article covers the top 10 apps a medical student should have. Tablets have further proliferated the desire to BYOD.  Typically not...

read more

Why You Should be Scared

Posted by on May 14, 2012 in HIPAA Headlines | 1 comment

Up to this point, most private practice physicians treat HIPAA compliance as…”something we’ll get to.” Most docs think their practice is compliant…they are wrong. I’ve mentioned before the threat of lawsuits and now this article. If this quote doesn’t send chills up your spine, then I don’t know what will: ““The privacy data breach area offers some new opportunities to expand the types of cases that we’re handling,” said Eric Grover, partner at the seven-lawyer California law...

read more

Stolen Laptops and the Whole Ball of Wax

Posted by on May 3, 2012 in HIPAA Headlines | 0 comments

Most of the time when I read a story on a stolen laptop, it is just the singular topic – Hey genius, if you encrypted your laptop this wouldn’t be an issue. The latest story I’ve come across pulls pieces in from multiple issues that a medical practice needs to consider.  Though the incident revolves around a hospital and a contractor, this same situation plays out daily at all sizes of private practices. This all began, sort of, in the summer of 2011 when Fairview Health System of Minnesota hired a contractor from...

read more

Sutter Breach Notes

Posted by on Nov 21, 2011 in HIPAA Headlines | 0 comments

As I’ve preached before, if you are going to store PHI on a mobile device (laptop, external hard drive, etc), you better make sure that you encrypt the hard drive. Typically, I am less concerned about desktop PC’s and servers as, you should have proper physical security systems in place. The recent Sutter Medical Foundation breach affected about 5 million patients…and brings to light the further need to encrypt desktop computers. The device stolen was a desktop PC. So, should that computer have been encrypted? From...

read more

Do as I say, not as I…Oops!

Posted by on Oct 31, 2011 in HIPAA Headlines | 0 comments

Take a look at a list of PHI breaches and there are a few items that stand out: Many are at the hands of a contractor Most are portable storage device losses or theft (this includes tapes, laptops, etc) Lots are at big government entities One of the goals of HIPAA regulations is to give those that deal with PHI guidance on how to properly handle that PHI. Specifically, follow the HIPAA regulations and you will greatly reduce the risk of a PHI breach. The challenge of course, is the government can rarely explain anything clearly. Add...

read more