Start Your FREE Membership NOW
 Discover Proven Ways to Be a Better Medical Office Manager
 Get Our Daily eNewsletter, MOMAlert, and MUCH MORE
 Absolutely NO Risk or Obligation on Your Part -- It's FREE!
EMAIL ADDRESS



Upgrade to Premium Membership NOW for Just $90!
Get 3 Months of Full Premium Membership Access
Includes Our Monthly Newsletter, Office Toolbox, Policy Center, and Archives
Plus, You Get FREE Webinars, and MUCH MORE!
TECHNOLOGY

7 tips for leading a video meeting

We’ve become accustomed to attending work meetings on Zoom and other video conferencing platforms since the pandemic lockdown of 2020. But you might not be at ease as the leader of a Zoom meeting for your medical office team. Here are some tips for conducting a successful video work meeting: Set a clear agenda: Before the meeting, create an agenda that outlines the topics to be discussed and the goals of the meeting. Send this agenda to all participants in advance so that they can come prepared. Establish ground rules: Set some ground rules for the meeting, such as requiring all participants to mute their microphones when not speaking and encouraging people to use the chat function to ask questions or make comments. Start on time: Respect the time of… . . . read more.

DATA SECURITY

9-point checklist for medical office cybersecurity

Is your office doing all it can to protect your patients’ sensitive medical data? Here’s a nine-point checklist to protect the security and privacy of your patients. Use strong, unique passwords for all accounts and change them regularly. Enable two-factor authentication (2FA) for added security. Keep all software and systems up to date with the latest security patches. Use antivirus software and firewall protection to prevent unauthorized access to your systems. Educate employees on cybersecurity best practices, such as not clicking on links in suspicious emails and not sharing login information. Use encryption to protect sensitive data, such as patient medical records, when it is transmitted or stored electronically. Regularly backup important data to protect against data loss due to cyber attacks or other disasters. Implement policies and procedures for… . . . read more.

FEDERAL PRIVACY LAW

10 basic steps to comply with HIPAA

HIPAA (the Health Insurance Portability and Accountability Act) is a federal law that protects the privacy of individuals’ personal and medical information. HIPAA is important for medical offices because it sets standards for the protection and handling of this sensitive information, which is critical to maintaining the trust of patients and ensuring the confidentiality of their medical records. HIPAA requires medical offices to implement and maintain certain safeguards to protect PHI, including physical, technical, and administrative measures. These measures help to ensure that patient information is only accessed and used by authorized individuals, and that it is handled in a way that maintains its integrity and confidentiality. Non-compliance with HIPAA regulations can result in significant fines and legal consequences for medical offices, as well as damage to their reputation. Therefore,… . . . read more.

CYBERSECURITY

Treat passwords like underwear: Change often and don’t share

Did you know that most confirmed data breaches involve the leveraging of weak, stolen, or default passwords? One of your practice’s frontline defenses for avoiding the phishing  attacks and other cybercriminal schemes is effective password management. How well are you managing yours? Take this quiz from Michael J. Sacopulos, JD, founder and CEO of the Medical Risk Institute, to find out.  Strong passwords are too complicated to remember. It’s fine to use passwords that are short and easy.            True or False?  Answer: False Easy passwords are easy to crack. Popular passwords in the United States continue to be “password” and “12345.” These weak passwords offer little security and are simply dangerous. Instruct your team to create strong passwords that contain a mix of letters, cases, and… . . . read more.

DATA SECURITY

4 ways your managed IT provider can help with HIPAA

By Ron Slyker Healthcare IT can best be explained  as technology that allows the secure exchange of medical and patient information between healthcare providers, patients, insurers, and other administrative operations. With the rapid increase of healthcare companies adopting cloud technology to share files and store private data, the need to involve managed service providers to assure full compliance of HIPAA is essential. Here are four ways that your managed services IT provider should be expected to help maintain HIPAA compliance: Encryption. Your managed services provider should make sure that all your devices—including laptops, tablets, and mobile devices—are encrypted. This is the best way to secure your data. And, given that mobile malware is on the rise, you will want to make it a top priority. Set up a reporting process…. . . . read more.

CYBERSECURITY

How to stay vigilant without hiring a surprise attack ninja

Remember the Pink Panther movies? Peter Sellers’ character, Inspector Clouseau, hired “Cato” to randomly attack him. He thought unexpected ninja attacks would keep him every vigilant. While the over the top comedy is ridiculous, it does remind us of how to approach cybersecurity. You do not need to hire someone with a kendo stick to beat your staff into compliance, but frequent “reminders” do promote vigilance. This comparison comes from Mike Sacopulos, founder and CEO of the Medical Risk Institute. He said most practices provide cybersecurity training when an employee is first hired, and annually after that. While certainly this method will check the box for “security training” it is highly ineffective for maintaining good cybersecurity habits. Cybersecurity training is not a “once you learn it, you know how to… . . . read more.

DATA SECURITY

Is your contact form providing a back door for cybercriminals?

By Doug Striker As automated email filtering gets better at screening for phishing attempts, criminals are responding by looking for attack techniques that evade those tools. Believe or not, their newest tactic is to fill out online contact forms and then use the response process to sneak malware into your system. By now, we are all familiar with email phishing. Most medical offices today are conducting (or should be conducting) security awareness training across their organizations. And, as mentioned above, email filtering technologies have advanced and are quite good at stopping some attacks. But crime never sleeps, and cybercriminals have been creatively seeking new ways to infiltrate our systems. Contact forms and cybercrime A company called Abnormal Security has found that a nasty piece of malware called BazarBackdoor is being… . . . read more.

ADVICE FROM THE WHITE HOUSE

Is your medical office vulnerable to Russian cyberattacks?

The White House is urging businesses to review and improve cybersecurity because of a heightened risk of cyber attacks from Russia. A statement from the Biden-Harris Administration advises businesses to take the following steps: Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system; Deploy modern security tools on your computers and devices to continuously look for and mitigate threats; Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors; Back up your data and ensure you have offline backups beyond the reach of malicious actors; Run exercises and drill your emergency plans so that… . . . read more.

INFORMATION SECURITY

Protect your data as Russia-Ukraine war increases cybersecurity risk

By Ron Slyker As part of the ongoing Russia-Ukraine conflict, Russian cyberattacks have primarily targeted Ukrainian government and bank systems, but the attacks may spread to countries outside of Ukraine soon. The Cybersecurity and Infrastructure Agency (CISA) and the FBI have warned organizations to increase protection as a precaution in case these attacks begin to affect the United States. Experts have reported known Russian cyber groups gathering information on U.S. infrastructure like electric and gas sites. While the FBI and CISA have received no warnings of direct threats to any Western countries, it is best to act now to protect your information. What can you do to protect your business from global conflict? Take action. Experts believe that any Russian cyberattacks would be disruptive, rather than intended to steal data, but… . . . read more.

CYBERSECURITY

New safeguards and fines follow data breach investigations in New Jersey

Two cases of exposing patient personal information occurred in New Jersey but serve as warnings to all healthcare providers. The state’s Division of Consumer Affairs has reached a settlement with three New Jersey-based providers of cancer care that the State alleges failed to adequately safeguard patient data, exposing the personal and protected health information of 105,200 consumers, including 80,333 New Jersey residents. Under the terms of the settlement, Regional Cancer Care Associates LLC, RCCA MSO LLC, and RCCA MD LLC (collectively, “RCCA”)—all headquartered in Hackensack, but with 30 locations throughout New Jersey, Connecticut and Maryland—have agreed to pay $425,000 and adopt additional privacy and security measures to safeguard individuals’ protected health information and personal information to resolve the State’s investigation into alleged violations of the New Jersey Consumer Fraud Act… . . . read more.


(-0)