The Meridian Blog: Tech News, Tips & More for SMB and Enterprise Environments

Five Best Practices to Avoid Common HIPAA Violations

Posted by Juliana Lee
Tue, Jun 06, 2017

Fines up to $1.5 million, loss of clients, and negative publicity are just some of the serious consequences of violating the 1996 Health Insurance Portability and Accountability Act (HIPAA).

The penalties for non-compliance are based on the level of negligence, and in some cases carry criminal charges that can result in jail sentences. HIPAA compliance is serious business, and when penalties are levied, one of the main things taken into consideration is what, if any, preventive steps were taken.

With that in mind, here are some basic best practices to implement regarding HIPAA compliance, including:

  1. Comprehension of the guidelines
  2. Training
  3. Guard against 3rd party disclosure
  4. Proper disposal methods
  5. Mobile device management

Read on to learn about each of these five best practices, and how you can implement them.

What the Healthcare Industry MUST Know About Ransomware Attack

Posted by Jasmine Lancaster
Wed, Jun 01, 2016

The Institute for Critical Infrastructure Technology (ICIT) has deemed 2016 as the “year ransomware holds America hostage” and states that attacks will “wreak havoc on America’s critical infrastructure community.” As several healthcare facilities and providers have already fallen victim to ransomware, healthcare data security has become a top security issue and a regular headline in the news.

Pushed into a corner and faced with two options — to pay, or not to pay — facilities are scrambling to create an environment free from data breach. Sadly, there seems to be no end in sight for healthcare ransomware attacks. No organization, regardless of size, structure, function or status, can assume it is safe from attacks, and simply ignoring the problem can invite even more chaos. Therefore, you must take all of the necessary steps to stop ransomware attacks in their tracks.

You may have questions — What is ransomware? What happens if my healthcare facility is a victim of data breach? How can it be prevented? 

Read on for answers to these questions, as well as other vital information regarding healthcare data security.

Who Needs to be HIPAA Compliant?

Posted by Robert Bruce
Wed, Jun 24, 2015

The common misconception that the Health Insurance Portability and Accountability Act (HIPAA) is just for medical companies is one that could have serious consequences, especially for a small-to-midsized business (SMB).

The act has official rules that specify required compliance by covered entities (CE), which are: healthcare providers, health plans, or healthcare clearinghouses, and business associates — that is, any company that comes in contact with electronic protected health information (e-PHI). According to the U.S. Department of Health and Human Services, all of these are considered covered entities and must comply with HIPAA encryption requirements to protect the privacy and security of protected health information.

Keep reading to learn more about:

  1. Who needs to be HIPAA compliant
  2. Why being compliant is a necessity
  3. PHI implications
  4. And more

DC Healthcare Firms: Anthem Breach Illustrates Need for Data Security

Posted by Robert Bruce
Tue, Mar 03, 2015

Earlier this year, Anthem — one of the nation’s largest health insurers — suffered a massive cyberattack. Anthem administers health plans under a variety of brands, including Anthem Blue Cross/Blue Shield, Blue Cross and Blue Shield of Georgia, and Empire Blue Cross/Blue Shield. Hackers gained access to as many as 80 million records that reportedly included Social Security numbers, birth dates, addresses, and emails for both customers and employees, including Anthem’s own chief executive. Anthem officials say that for now it appears that client medical information shared with doctors and hospitals has not been compromised. Anthem, along with industry security experts and federal investigators, is currently trying via cyber forensics to determine the extent of the data breach.

The Anthem cyberattack, along with other high-profile data thefts at large enterprises such as Sony, Home Depot, JP Morgan Chase, and eBay, may result in 2014 eventually being remembered by cyber security professionals as the year of big data breaches. According to a report from digital security solutions firm Gemalto, data breaches jumped 46% from 1,056 in 2013 to 1,540 in 2014. But it was the steep rise in data records theft that occurred last year that is particularly alarming. That leapt 78%, from approximately 575 million in 2013 to over one billion in 2014.

Read on for more information about:

  • The security risks healthcare firms face
  • Key takeaways and security insights from the Anthem breach
  • The roles of encryption and HIPAA

About this blog

News, best practices and more to help you get the most out of your office technology. Whether you're an SMB owner who wears a lot of hats, or an enterprise IT director, facilities manager or just someone who wants to work smarter — this blog has the resources you need to maximize the business impact of all your tech investments. Be sure to subscribe to receive email updates about new posts!
