- May 24, 2019
- Posted by: David Thornton
- Category: Business Advice, HIPAA Compliance, Ransomware
The Health Insurance Portability and Accessibility Act is intimidating for many doctors and office managers. Just remember, it’s all about protecting your patient data, known as protected health information (PHI). Small practices are required at minimum to have an annual comprehensive risk assessment. Before you hire a HIPAA consultant, take the following short survey to assess whether you are on the right track:
The 10 question survey is not a substitute for a comprehensive risk assessment, but it can give you a good idea of where many offices fail. Policies and procedures can be the toughest aspect to implement as it often requires a cultural shift in an office that has survived thus far without them. The risks of non-compliance are too great, however.
The Threats are Evolving
Cyber-crime continues to evolve. Currently, the health-care industry is the #1 targeted field. Cyber-criminals that deploy ransomware know that the fears of government fines and loss of patients will compel many doctors to simply pay the ransom. This has three problems:
- Ransom costs continue to rise.
- Paying a ransom does not guarantee that your data will be recovered.
- Money for ransoms often goes toward some really terrible things (ie terrorism, child sex trafficking, etc.)
If you feel overwhelmed, we are here to help. Let us serve as your trusted HIPAA Consultant so you can focus on your patients’ needs. We can conduct your risk assessment, design your network, backup your ePHI, assist with compliant services and hardware purchases. Call (813) 605-7251 ext 1, or email us at firstname.lastname@example.org. You may also want to read our HIPAA Compliance Tips to Remember.
Nothing in this blog should be constituted as or substituted for proper legal advice. This is presented as a guideline to get you thinking about how to best secure your PHI and ePHI, keeping your patients’ data safe from cyber-crime, and protecting your reputation and ability to continue serving your patients needs.