Start Your FREE Membership NOW
 Discover Proven Ways to Be a Better Medical Office Manager
 Get Our Daily eNewsletter, MOMAlert, and MUCH MORE
 Absolutely NO Risk or Obligation on Your Part -- It's FREE!
EMAIL ADDRESS



Upgrade to Premium Membership NOW for Just $90!
Get 3 Months of Full Premium Membership Access
Includes Our Monthly Newsletter, Office Toolbox, Policy Center, and Archives
Plus, You Get FREE Webinars, and MUCH MORE!
CYBERSECURITY

How to stay vigilant without hiring a surprise attack ninja

Remember the Pink Panther movies? Peter Sellers’ character, Inspector Clouseau, hired “Cato” to randomly attack him. He thought unexpected ninja attacks would keep him every vigilant. While the over the top comedy is ridiculous, it does remind us of how to approach cybersecurity. You do not need to hire someone with a kendo stick to beat your staff into compliance, but frequent “reminders” do promote vigilance. This comparison comes from Mike Sacopulos, founder and CEO of the Medical Risk Institute. He said most practices provide cybersecurity training when an employee is first hired, and annually after that. While certainly this method will check the box for “security training” it is highly ineffective for maintaining good cybersecurity habits. Cybersecurity training is not a “once you learn it, you know how to… . . . read more.

DATA SECURITY

Is your contact form providing a back door for cybercriminals?

By Doug Striker As automated email filtering gets better at screening for phishing attempts, criminals are responding by looking for attack techniques that evade those tools. Believe or not, their newest tactic is to fill out online contact forms and then use the response process to sneak malware into your system. By now, we are all familiar with email phishing. Most medical offices today are conducting (or should be conducting) security awareness training across their organizations. And, as mentioned above, email filtering technologies have advanced and are quite good at stopping some attacks. But crime never sleeps, and cybercriminals have been creatively seeking new ways to infiltrate our systems. Contact forms and cybercrime A company called Abnormal Security has found that a nasty piece of malware called BazarBackdoor is being… . . . read more.

ADVICE FROM THE WHITE HOUSE

Is your medical office vulnerable to Russian cyberattacks?

The White House is urging businesses to review and improve cybersecurity because of a heightened risk of cyber attacks from Russia. A statement from the Biden-Harris Administration advises businesses to take the following steps: Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system; Deploy modern security tools on your computers and devices to continuously look for and mitigate threats; Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors; Back up your data and ensure you have offline backups beyond the reach of malicious actors; Run exercises and drill your emergency plans so that… . . . read more.

INFORMATION SECURITY

Protect your data as Russia-Ukraine war increases cybersecurity risk

By Ron Slyker As part of the ongoing Russia-Ukraine conflict, Russian cyberattacks have primarily targeted Ukrainian government and bank systems, but the attacks may spread to countries outside of Ukraine soon. The Cybersecurity and Infrastructure Agency (CISA) and the FBI have warned organizations to increase protection as a precaution in case these attacks begin to affect the United States. Experts have reported known Russian cyber groups gathering information on U.S. infrastructure like electric and gas sites. While the FBI and CISA have received no warnings of direct threats to any Western countries, it is best to act now to protect your information. What can you do to protect your business from global conflict? Take action. Experts believe that any Russian cyberattacks would be disruptive, rather than intended to steal data, but… . . . read more.

CYBERSECURITY

New safeguards and fines follow data breach investigations in New Jersey

Two cases of exposing patient personal information occurred in New Jersey but serve as warnings to all healthcare providers. The state’s Division of Consumer Affairs has reached a settlement with three New Jersey-based providers of cancer care that the State alleges failed to adequately safeguard patient data, exposing the personal and protected health information of 105,200 consumers, including 80,333 New Jersey residents. Under the terms of the settlement, Regional Cancer Care Associates LLC, RCCA MSO LLC, and RCCA MD LLC (collectively, “RCCA”)—all headquartered in Hackensack, but with 30 locations throughout New Jersey, Connecticut and Maryland—have agreed to pay $425,000 and adopt additional privacy and security measures to safeguard individuals’ protected health information and personal information to resolve the State’s investigation into alleged violations of the New Jersey Consumer Fraud Act… . . . read more.

CYBERSECURITY

Are former staffers still accessing your office’s accounts?

With the Great Resignation, workers are leaving in record numbers and the cybersecurity threat to employers is real. In a recent study, phishing-resistant multi-factor authentication (MFA) provider Beyond Identity gathered responses from former employees across the United States, the United Kingdom, and Ireland and found a vast majority of employees (83%) admitted to maintaining continued access to accounts from a previous employer. The cybersecurity threat this poses is coupled with the fact that more than half of these employees (56%) said they had used this continued digital access with the specific intent of harming their former employer. Ongoing access to sensitive information paired with frequently malicious intent spelled disaster for these former employers. When the survey turned to focus specifically on responses from managers and business leaders, 74% admitted their… . . . read more.

CYBERSECURITY

Tips to keep your medical office data in the cloud secure

By Ron Slyker As manager of a medical office, the security of data in the cloud is one of your many responsibilities. The trick to avoiding a cloud data security breach is to pay close attention to your cloud applications and user behavior. While analyzing the software and looking at user behaviors takes time, the benefits of reducing cloud and data security breaches make it worthwhile. Consider these tips and pass them on to your IT team. Examine user activities It is vital to know not only which apps you use, but also how they use your data. Determine which apps the employees use to share content and whether they have a sharing feature. Knowing who is sharing what and with whom will assist you in deciding the right policies… . . . read more.

INFORMATION SECURITY

Even diligent medical offices are vulnerable to cyber crime

By Alek Pirkhalo, Infiniwiz A key to medicine is prevention and treatment.  The same is true for computer technology. Many medical offices assume that their technology is protected and secure, but even those offices that take accepted protective measures may be leaving their patient data vulnerable. As medical offices become more reliant on technology for patient portals, e-mail reminders and automated patient appointment reminders, the most vulnerable part of any medical practice is protecting are patient information. If your system goes down, you will lose vital data including patient appointments, which will create chaos for your office staff. Here is the prescription for securing data. Update your current technologies to protect log-ins Many medical offices assume that once they invested in anti-virus technology, they are protected against any malware incursions. This is… . . . read more.

TOOL

Model Code of Conduct for Virtual Meetings

Far from eliminating workplace harassment, telecommuting has only caused it to morph into digital forms. As a result, medical offices and other employers need to tweak their harassment policies to deal with the new face of harassment. The virtual meeting, in particular, has become the digital age version of the holiday office party where employees feel emboldened to do and say things they wouldn’t dream of doing and saying to co-workers in-person. How do you crack down on this behavior? The starting point is to implement a Code of Conduct Virtual Meetings. Here’s a template you can adapt.

Harassment

How managers can help victims of revenge porn

By Lynne Curry When “Paula” broke up with “Rob,” he vowed she’d regret ending their relationship. She thought Rob meant she’d miss him. She didn’t realize he planned to destroy her reputation, nor that the drama would cost her a job and perhaps her career. Three days later Paula sat in shocked silence looking at nude photos where she lay asleep half on, half off a blanket laid on the grass. Her manager told her, “I’m sorry. These have spread like wildfire through the office. I don’t know that we can keep you. I can’t imagine you’ll want to stay.” Two months earlier, Rob had talked her into sex in his backyard, pointing out the tall fence shielded them from his neighbor’s windows. She had been uneasy but had gone… . . . read more.


(-0)