HHS has published a Guidance on cybersecurity for healthcare organizations. Even though it's voluntary, the new HHS Guidance is significant to the extent it lays out the agency's expectations of the measures medical offices and other organizations should take to protect medical data from cybersecurity threats. How the Guidance came about The genesis of the Guidance is a … [Read more...] about The 10 things HHS says you should be doing to stop phishing, ransomware and other threats
HIPAA
Traps to avoid: Giving ex-practice employees access to PHI
Your medical office staff understands the imperative of safeguarding personal health information (PHI) and wouldn't let strangers roam about the facilities freely. But it's easy for them to lower their guard when a former employee comes back to the practice, e.g., to pick up a final paycheck or just make a social call. Ex-employees are a common and virulent privacy threat, even … [Read more...] about Traps to avoid: Giving ex-practice employees access to PHI
HIPAA Refresher: Is your practice on top of NPPs?
By Ranadene K. Tapio, MBA, CMRS, CMC, Guest Contributor bio I know, HIPAA is old news. And ALL of your offices are presenting your patients with a HIPAA Notice of Privacy Practices (NPP) already. Right? Are you sure? Do you have systems in place to ensure this is being done? Do you work the front desk, so you know it's getting done? Are you in the back office, and in … [Read more...] about HIPAA Refresher: Is your practice on top of NPPs?
HIPAA security can fail if the office doesn’t take common-sense precautions
No matter how tight its HIPAA privacy procedures, if the office isn't also focusing on common sense, the patient data is wide open to compromise. "That's because we do things we don't think about," says Rosemarie Nelson, a principle with MGMA practice management consulting in Syracuse, NY. "It's not hackers trying to get at the office's data" that the manager needs to worry … [Read more...] about HIPAA security can fail if the office doesn’t take common-sense precautions
How to determine the order of multiple insurance coverages
By Ranadene (Randi) K. Tapio, MBA, CMRS, CMC, Guest Contributor bio When patients have multiple insurance coverage, at times it can be difficult to determine which one is primary, secondary, and tertiary. Sometimes, the patients don't even know which order they go in! While there are always going to be exceptions, here are some basic guidelines to keep in mind: … [Read more...] about How to determine the order of multiple insurance coverages
HIPAA extends to gossip as well as to searching out dirt on an ex-spouse
Getting staff to maintain patient confidentiality goes much further than getting them to protect electronic data. A significant risk for offices is just plain talk. A staffer tells a friend about a patient's condition. Or there could be actual malice where a staffer looks up information on an ex-spouse. Or there could be innocent talk where a staffer in one office tells a … [Read more...] about HIPAA extends to gossip as well as to searching out dirt on an ex-spouse
Six security tips for Cybersecurity Awareness Month
To help raise awareness in support of Cybersecurity Awareness Month, Ivanti recently shared the following top cybersecurity tips and best practices. "October is Cybersecurity Awareness month, and while following security best practices are important every month of the year, it's a good time to remember that we should all take a collective role in organizational security and … [Read more...] about Six security tips for Cybersecurity Awareness Month
The patient privacy epidemic and what can be done about it
By Mark Hughes In most medical office or hospital reception areas, speech privacy is virtually nonexistent. Because these spaces rarely have walls or partitions to block sound, patients often overhear conversations between office personnel and other patients. Lack of speech privacy is by no means confined to reception areas and pharmacy lines – the problem is also present … [Read more...] about The patient privacy epidemic and what can be done about it
Want to improve collections? Start by looking at your Patient Registration System
By Ranadene (Randi) K. Tapio, MBA, CMRS, CMC, Guest Contributor bio First and foremost, a good intake system and/or form is a must! If set up properly, your intake system and/or form will collect all the necessary information you need to bill a patients insurance carrier(s). Offices should collect, at minimum, the following information: Demographics Patient's full … [Read more...] about Want to improve collections? Start by looking at your Patient Registration System
Healthcare organizations are deathly behind on this one cybersecurity practice
SecurityScorecard, a leader in security ratings, recently released a new report titled, "SecurityScorecard 2018 Healthcare Report: A Pulse on The Healthcare Industry's Cybersecurity Risks," which pulls data from more than 1200 healthcare companies. The research team analyzed information such as issue severity, industry-defined risk level, corporate peer performance, and more. … [Read more...] about Healthcare organizations are deathly behind on this one cybersecurity practice