ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Healthcare is in Dire Need of HIPAA Compliant MSPs

    Scheduled Pinned Locked Moved Self Promotion
    6 Posts 3 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MKM8DY
      last edited by

      0_1448291362675_Healthcare is in Dire Need of HIPAA Compliant MSPs.jpg

      In a recent KPMG survey of 223 healthcare executives, a full 80 percent stated that their information technology had been compromised by cyber attacks.

      Let’s think about this for two seconds… 80 percent!!! Possibly, a portion of the remaining 20 percent had not yet known that they were a part of the 80 percent. After all, how many clients have you taken on only to find that their network was being compromised or had been compromised?

      In healthcare especially, the question is not if providers will experience a breach or cyber attack, but rather when. How will they respond, and what will the fallout be?

      Keep reading our latest blog post!

      1 Reply Last reply Reply Quote 5
      • scottalanmillerS
        scottalanmiller
        last edited by

        Important to note that HIPAA is not about being secure, just about making a good effort. Tons of things that are totally acceptable in HIPAA (sending a fax, for example) are considered ridiculously insecure by IT standards. HIPAA consulting is about avoiding fines. Security consulting, separate from HIPAA, is about keeping your data from being exposed.

        M 1 Reply Last reply Reply Quote 1
        • M
          MKM8DY @scottalanmiller
          last edited by

          @scottalanmiller oh so very true! You've just inspired a new blog post for us - stay tuned! 🙂

          M 1 Reply Last reply Reply Quote 1
          • M
            MKM8DY @MKM8DY
            last edited by

            @scottalanmiller said:

            Important to note that HIPAA is not about being secure, just about making a good effort. Tons of things that are totally acceptable in HIPAA (sending a fax, for example) are considered ridiculously insecure by IT standards. HIPAA consulting is about avoiding fines. Security consulting, separate from HIPAA, is about keeping your data from being exposed.

            What are some other insecure, but HIPAA-compliant practices you see all of the time?

            scottalanmillerS 1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @MKM8DY
              last edited by

              @MKM8DY said:

              What are some other insecure, but HIPAA-compliant practices you see all of the time?

              This one is non-digital and something that people often miss... but paper destruction does not require that the paper be destroyed or secured. So at many hospitals I've walked around their parking lots outside of their document destruction area and seen client identifiable paperwork blowing around having been shredded but not enough to hide the details and falling out of the machines or getting caught by the wind. I've checked and it was, at least at the time, considered HIPAA compliant as the destruction method and style was approved. That the data was leaking wasn't a concern of HIPAA, only that the proper "effort" had been put into it.

              1 Reply Last reply Reply Quote 0
              • BRRABillB
                BRRABill
                last edited by

                I think this is along the same lines as what @scottalanmiller is saying, but the effort is also company-size related.

                So for example a 5 person company is going to have to have much less security than (or going to need to be judged to have) a huge hospital organization.

                1 Reply Last reply Reply Quote 0
                • 1 / 1
                • First post
                  Last post