Start Your FREE Membership NOW
 Discover Proven Ways to Be a Better Medical Office Manager
 Get Our Daily eNewsletter, MOMAlert, and MUCH MORE
 Absolutely NO Risk or Obligation on Your Part -- It's FREE!
EMAIL ADDRESS

Upgrade to Premium Membership NOW for Just $90!
Get 3 Months of Full Premium Membership Access
Includes Our Monthly Newsletter, Office Toolbox, Policy Center, and Archives
Plus, You Get FREE Webinars, and MUCH MORE!
You are here: Home / Archives for topics / Risk management
COMPLIANCE

5 ways your medical office can violate HIPAA

May 10, 2022 by

The HIPAA Privacy Act is a federal law that was established in 1996 to set provisions and standards for the protection of personal health information. The rule puts limits and conditions on the use and disclosure of patient medical information. It also gives patients the right to obtain a copy, examine, and request corrections to their records. Though most medical practices are very careful to keep their patients’ private health information secure, violations of this act can be costly with penalties ranging from $100 to 1.5 million per incident. Regular and ongoing compliance training for all employees is one of the easiest ways to prevent the improper use of PHI and reduce the risk of a violation. Below are a few common HIPAA violations and steps that can be taken… . . . read more.

TAGGED WITH: , ,
SAFETY

Workplace active shooter: Run, hide, fight

April 17, 2022 by

By Lynne Curry It’s not your imagination. There are more incidents of violence across our country than ever before. It doesn’t matter where you live. Nor that you don’t believe it could happen in your town, your workplace or at your kids’ school. You’ve seen the news reports. The violence in workplaces including healthcare settings, schools, restaurants, train stations, malls, and churches. Innocence can’t save you. It might get you killed. Would you know what to do if  someone started shooting? Knowing what to do could keep you alive. Suppose you hear something odd. At first, you think it’s a car backfiring. Then you hear the same sound again and again. Gunshots, repeated in rapid succession. Fear grips you. You hear others screaming. You struggle to catch a breath. You… . . . read more.

TAGGED WITH: , , ,
DATA SECURITY

Is your contact form providing a back door for cybercriminals?

April 10, 2022 by

By Doug Striker As automated email filtering gets better at screening for phishing attempts, criminals are responding by looking for attack techniques that evade those tools. Believe or not, their newest tactic is to fill out online contact forms and then use the response process to sneak malware into your system. By now, we are all familiar with email phishing. Most medical offices today are conducting (or should be conducting) security awareness training across their organizations. And, as mentioned above, email filtering technologies have advanced and are quite good at stopping some attacks. But crime never sleeps, and cybercriminals have been creatively seeking new ways to infiltrate our systems. Contact forms and cybercrime A company called Abnormal Security has found that a nasty piece of malware called BazarBackdoor is being… . . . read more.

TAGGED WITH: , ,
ADVICE FROM THE WHITE HOUSE

Is your medical office vulnerable to Russian cyberattacks?

March 28, 2022 by

The White House is urging businesses to review and improve cybersecurity because of a heightened risk of cyber attacks from Russia. A statement from the Biden-Harris Administration advises businesses to take the following steps: Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system; Deploy modern security tools on your computers and devices to continuously look for and mitigate threats; Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors; Back up your data and ensure you have offline backups beyond the reach of malicious actors; Run exercises and drill your emergency plans so that… . . . read more.

TAGGED WITH: , , ,
OBSCENE & UNWELCOME

Watch for harassment by emoji in your office

March 28, 2022 by

By Lynne Curry “How much trouble are we in?” the practice administrator asked. I looked at the sheaf of text and Slack messages, loaded with emojis, and stopped on one sent in early March that asked, “Good to know you’re almost done with the project and headed for the weekend. Do you garden?” flanked by an eggplant emoji. Other texts included peaches, dump trucks, sweat droplets, and smiley faces with tongues sticking out. “How did you get these?” I asked. “An employee resigned, refused to come in for an exit interview, and sent these in the mail.” “Did you notice the recipient of the gardening question responded, ‘stop, just stop!” “No, these were just informal texts going back and forth between coworkers and employees and their supervisor. I don’t use… . . . read more.

TAGGED WITH: , , ,
INFORMATION SECURITY

Protect your data as Russia-Ukraine war increases cybersecurity risk

March 15, 2022 by

By Ron Slyker As part of the ongoing Russia-Ukraine conflict, Russian cyberattacks have primarily targeted Ukrainian government and bank systems, but the attacks may spread to countries outside of Ukraine soon. The Cybersecurity and Infrastructure Agency (CISA) and the FBI have warned organizations to increase protection as a precaution in case these attacks begin to affect the United States. Experts have reported known Russian cyber groups gathering information on U.S. infrastructure like electric and gas sites. While the FBI and CISA have received no warnings of direct threats to any Western countries, it is best to act now to protect your information. What can you do to protect your business from global conflict? Take action. Experts believe that any Russian cyberattacks would be disruptive, rather than intended to steal data, but… . . . read more.

TAGGED WITH: , ,
WORKPLACE SAFETY

Hang in there: Most employers say they can endure omicron

February 3, 2022 by

A survey of business leaders shows that most shows that most —87 percent—believe their organization would be able to endure an outbreak of the omicron variant of COVID-19. Eighty-six percent of exectives polled by SHRM (the Society for Human Resource Management) in December agreed that existing policies and procedures aimed at stopping the spread of COVID-19 in the workplace gave them confidence as omicron began spreading in the U.S. At the same time, many executives are worried about impacts to their business, with 67 percent saying they were very or extremely concerned about their organization’s ability to keep employees and customers/clients/patients safe due to omicron. “Clearly, this variant is causing significant disruptions across the economy, and business leaders must continue taking steps to protect employees and their families and retain… . . . read more.

TAGGED WITH: , , ,
RISK MANAGEMENT

Your keycard could be your office’s top security threat

January 23, 2022 by

By Todd Burner The days of tumbler locks and keys are fading, especially in high-traffic areas. Proximity cards—those credit-card-sized, contactless devices that grant users access to a variety of areas—have largely taken their place. But for too many facilities that card represents one of its biggest security gaps. Proximity cards (also known as keycards) are incredibly convenient—and certainly have some security and financial benefits. With personnel changes, there’s no need to physically rekey the office or change the locks. That can all be handled electronically without replacing the hardware. The problem is: Security protocols in many of those cards are nowhere near as secure as many security and property managers believe them to be. Instructional videos on how to clone the technology are easily found online—and the equipment to do… . . . read more.

TAGGED WITH: ,
CYBERSECURITY

Tips to keep your medical office data in the cloud secure

January 21, 2022 by

By Ron Slyker As manager of a medical office, the security of data in the cloud is one of your many responsibilities. The trick to avoiding a cloud data security breach is to pay close attention to your cloud applications and user behavior. While analyzing the software and looking at user behaviors takes time, the benefits of reducing cloud and data security breaches make it worthwhile. Consider these tips and pass them on to your IT team. Examine user activities It is vital to know not only which apps you use, but also how they use your data. Determine which apps the employees use to share content and whether they have a sharing feature. Knowing who is sharing what and with whom will assist you in deciding the right policies… . . . read more.

TAGGED WITH: ,
Risk Management

Don’t write a positive reference for a problem employee; instead…

January 13, 2022 by

By Lynne Curry Question: After an investigation, we fired one of our employees for threatening and stalking two co-workers. He now demands a positive letter of reference, which I’m writing. I tried to appease him with an innocuous letter that gave the dates on which he’d worked here along with what his job duties were.  He refused to accept this, and frankly he scares me. Can you give me any pointers for writing a reference letter that sounds positive but not too positive? Answer: Don’t. If you write a falsely positive or even neutral reference, you can be sued for “negligent referral,” defined as “the failure of an employer to disclose complete and factual information about a former or current employee to another employer.” True story When Allstate Insurance Co…. . . . read more.

TAGGED WITH: , ,

(-0)