November is home care and hospice month and many caregivers, nurses, nurse aides, and other staff work hard to provide great care to the families and communities that they serve. This is a month of appreciation for an honorable job and the caring individuals that deserve recognition. Try to compliment or thank someone in the […]
It has been a whole month since the ICD-10 changeover. How did everyone fare? The challenges of learning and training employees can be difficult, especially with such a significant change. With over 141,000 ICD-10 codes it is impossible to memorize every one of them. Knowing where to start is imperative to getting the correct diagnosis […]
HIPAA Security Requirements and Tips for Keeping your Data Secure.
HIPAA security has changed since March of 2013. The new rules change the way everyone deals with electronic Protected Health Information (e-PHI) as well as the networks and vendors that companies use to view and transfer these documents. Under the new rules, you can be fined up to $1.5 million per year if you are not in compliance, and up to $50,000 per violation. Business associates can now also be held responsible for data breaches, and if that were not enough, you now have to prove that you haven’t had a data breach instead of the opposite. Under the new rules they assume that you have had a security breach unless you can document otherwise. For companies whose HIPAA policies and procedures are older than 3 years: you may want to read through your Business Associate Agreements (BAAs) and your policies to make sure the new rules are put into place.
Simplified Technical Safeguards Required by HIPAA
- Access Control: Have policies and procedures in place that determine who has access to e-PHI.
- Audit Controls: Keep a record of your information systems security status and use. This means keep logs and reports of physical security, software, and other mechanisms used to contain or look at e-PHI.
- Integrity Controls: Make sure that e-PHI is not improperly altered or destroyed.
- Transmission Security: Protect the transmission of e-PHI over networks. This means using encryption and having properly configured firewalls and networks.
Visit HHS.GOV here for the actual specifications/requirements: http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html
In short, it is important to make sure you are in compliance with these new rules and that your IT vendor/department is aware of these requirements.
Below you will find some of the ways your data can be breached and some possible prevention methods:
Phishing is when attackers send you emails or have links in websites that are tailored to look legitimate, but when an unsuspecting person clicks on a link or opens a file within an email it harms the computer. Also, Spear Phishing is an even more targeted attack, in which the hacker gathers info about you to tailor a personalized email message just for you.
- Don’t click on email attachments or links that you are not 100% sure are from a legitimate source.
- Use Spam fighters and Antivirus software to protect your email
- Don’t give out your email to unknown online sites (for example: win $1000 by filling out this form)
- Check to see if your email has been pwned (compromised): https://haveibeenpwned.com/
Man in the middle attacks intercept data between two points and attempt to steal and decrypt the information. This can be done by spoofing a “trusted” network that your device has connected to in the past. You may see this if you are at a hotel and your phone tells you that you are connected to your home network.
- Use a VPN to encrypt your online communication
- Look for the lock symbol next to the web address to ensure that SSL and/or TLS is being used.
- Note: if you see a lock icon but also an exclamation mark or an X, don’t enter any sensitive info.
Buffer overflow is when an attacker breaks a program by giving it too much information (like a really long username). The attacker can then insert code into the website or software that goes where it should not and gain access to a system. This is a high level of attack and difficult to prevent.
- If your company has proprietary software, ask the programmers to look at the code to see if it is vulnerable to buffer overflow.
- Hire a professional to test your software/website
- Make sure that all of your software is up to date
Brute force attacks can be very effective against systems that have weak user names and passwords. A brute force attack will try thousands if not millions of usernames and passwords to try to find the right one. More sophisticated attacks use “dictionaries” of the most common passwords to quicken the process.
- Use strong passwords
- Set a policy for login attempts
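The two prevention points above can be enforced in code. The following is an added example, not part of the original article: the thresholds, the sample password list, and the names `is_strong` and `LoginAttemptPolicy` are assumptions chosen for illustration.

```python
import time
from collections import defaultdict, deque

# Constructed sample "dictionary"; a real deployment would load a larger list.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome1"}

def is_strong(password, min_len=12):
    """Reject short passwords, dictionary entries and low-variety passwords."""
    if len(password) < min_len or password.lower() in COMMON_PASSWORDS:
        return False
    classes = [any(c.islower() for c in password),
               any(c.isupper() for c in password),
               any(c.isdigit() for c in password),
               any(not c.isalnum() for c in password)]
    return sum(classes) >= 3          # at least three character classes

class LoginAttemptPolicy:
    """Lock an account after max_failures failed logins within window seconds."""
    def __init__(self, max_failures=5, window=300, lockout=900, clock=time.monotonic):
        self.max_failures, self.window, self.lockout = max_failures, window, lockout
        self.clock = clock                    # injectable so the policy can be tested
        self.failures = defaultdict(deque)    # username -> timestamps of failures
        self.locked_until = {}                # username -> time the lock expires

    def is_locked(self, user):
        return self.clock() < self.locked_until.get(user, float("-inf"))

    def record(self, user, success):
        """Record one attempt; return 'ok', 'failed' or 'locked'."""
        now = self.clock()
        if self.is_locked(user):
            return "locked"                   # refuse even a correct password
        if success:
            self.failures.pop(user, None)     # a good login resets the counter
            return "ok"
        q = self.failures[user]
        q.append(now)
        while q and now - q[0] > self.window:
            q.popleft()                       # forget failures outside the window
        if len(q) >= self.max_failures:
            self.locked_until[user] = now + self.lockout
            q.clear()
            return "locked"
        return "failed"
```

With these defaults a guessing run gets five attempts per account every 15 minutes instead of thousands per second. Lockouts should also be written to the audit log, since a per-account lock can be triggered on purpose to keep a legitimate user out.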
Janet Lytton, R.H.I.T., N.H.A., Director of Reimbursement: As I have been working on each of the Facility Statistic files, I have noticed that our facility Medicaid rates have increased very little, if any. This is […]
A person with dementia may be more sensitive to noise. Noise affects people differently from a mild response or catastrophic reaction. Some may have a threshold of a few minutes and others may become overwhelmed after an hour. Each person’s coping style to noise is different. Their individual coping style and personal tolerance to noise […]
Medical Billing Nebraska We pride ourselves in being experts in the medical billing field. Many practices and facilities find it difficult and time consuming to bill properly and in a timely manner. All of our billers and billing specialists are located in Nebraska or in the neighboring states. Whether you are in Seattle, or New […]
Consulting Services We formulate a plan that is tailor-made to help you achieve your goals in the medical billing industry. This gives you the opportunity to focus on what really matters, patient care. With our combined experience of 40+ years, we are able to show you in-depth answers to any of your billing questions and […]
Billing Services HHS Solutions offers a wide variety of services to help ensure total A/R control and billing management. Our trained professionals can help bring your facility financially back to life, ease the stress of billing, and get you back on track again. From Medicare and Medicaid to private insurance, we can do it all. […]