Fix My Practice - Blog

Educating Employees to Prevent Data Breaches

The Physicians Practice S.O.S. Group® www.ppsosgroup.com

Fix My Practice – Educating Employees to Prevent Data Breaches 

Why are we hearing about so many breaches? I believe it is because we are not educating our staff about all the potential risks.

HIPAA security starts with employee education. You can lock your systems down, run scans, use antivirus, do regular patching, etc. However, in reality, all it takes is for an employee to click on something or upload something, and like a magic trick…you now have a breach. Even Blue Cross and Blue Shield fell victim. An employee uploaded a file containing member information to a public-facing website. The worst part is that it was not discovered until 3 months after it happened. It exposed over 16,000 patients. While it was only 1% of its members, it happened, and 1 patient is 1 patient too many. The immediate questions that come to my mind regarding this were: Did they provide employee education? Did this employee simply upload the wrong file, or did they not understand what they were doing? Was it malicious?

The data was out there for 3 months and they are unable to determine if it was accessed. The breach included names, dates of birth, diagnosis codes, provider details, and procedure codes: all the information needed to process claims. No social security numbers or financial data such as credit cards were exposed. This is important because that is the information that could be used in medical identity fraud.

This breach will serve as a stark reminder for practices to have proper access controls, network monitoring, policies and procedures, and employee education in place. Bi-annual training and training upon hiring will help eliminate some of these unnecessary breaches.

Practicing quality medicine while maintaining and managing the bottom line is a balancing act that providers face daily. The Physicians Practice S.O.S. Group is committed to and has helped healthcare providers across the country with new practice startups, IRO needs, and providing practice management and compliance solutions. Call our office to discuss any needs you might have.

Regina Mixon Bates, CEO | The Physicians Practice S.O.S. Group | www.ppsosgroup.com 

#ReginaMixonBates #practicemanagementconsulting #practicemanagement #physicianconsulting #consulting #HIPAAsecurity #breachprevention

Ransomware Assault Threatens Hospitals

Cyber Security in Healthcare

The FBI is warning of a new ransomware threat attacking US health systems. The ransomware assault threatens hospitals and will most likely spread to ambulatory practices. The FBI and two other federal agencies issued a joint alert stating that this malicious attack will lead to data theft and disruption of the healthcare system and services.
According to an article in www.dailymail.co.uk:
The FBI is investigating the recent attacks, which include incidents in Oregon, California and New York made public just this week, according to three cybersecurity consultants familiar with the matter.
A doctor at one hospital told Reuters that the facility was functioning on paper after an attack and unable to transfer patients because the nearest alternative was an hour away. The doctor declined to be named because staff were not authorized to speak with reporters.
‘We can still watch vitals and getting imaging done, but all results are being communicated via paper only,’ the doctor said. Staff could see historic records but not update those files.
Experts said the likely group behind the attacks was known as Wizard Spider or UNC 1878. They warned that such attacks can disrupt hospital operations and lead to loss of life.
The attacks coincide with the U.S. presidential election, but do not appear to have any connection to it.
‘We are experiencing the most significant cyber security threat we’ve ever seen in the United States,’ Charles Carmakal, chief technical officer of the cybersecurity firm Mandiant, said in a statement.
He’s concerned that the group may deploy malware to hundreds of hospitals over the next few weeks.
Alex Holden, CEO of Hold Security, which has been closely tracking the ransomware in question for more than a year, agreed that the unfolding offensive is unprecedented in magnitude for the U.S. Administrative problems caused by ransomware, which scrambles data into gibberish that can only be unlocked with software keys provided once targets pay up, could further stress hospitals burdened by a nationwide spike in COVID-19 cases.
The Russian-speaking cybercriminals suspected of the attacks use a strain of ransomware known as Ryuk, which is seeded through a network of zombie computers called Trickbot that Microsoft began trying to counter earlier in October.
In the past, ransomware infections at hospitals have downed patient record-keeping databases, which critically store up-to-date medical information, affecting hospitals’ ability to provide healthcare.
While the company has had considerable success knocking Trickbot command-and-control servers offline through legal action, analysts say criminals have still been finding ways to spread Ryuk.
The US has seen a plague of ransomware over the past 18 months or so.
In September, a ransomware attack took down all 250 US facilities of the hospital chain Universal Health Services, forcing doctors and nurses to rely on paper and pencil for record-keeping and slowing lab work.
Employees described chaotic conditions impeding patient care. Also in September, the first known fatality related to ransomware occurred in Duesseldorf, Germany, when an IT system failure forced a critically ill patient to be routed to a hospital in another city.
Holden said he alerted federal law enforcement after monitoring infection attempts at a number of hospitals, some of which may have beaten back infections.

Practicing quality medicine while maintaining and managing the bottom line is a balancing act that providers face daily. The Physicians Practice S.O.S. Group is committed to helping healthcare providers across the country with new practice startups, IRO needs, and providing practice management and compliance solutions. Call our office to discuss any needs you might have.

Regina Mixon Bates, CEO | The Physicians Practice S.O.S. Group | www.ppsosgroup.com
#ReginaMixonBates #practicemanagementconsulting #practicemanagement #physicianconsulting #medicalconsulting #businesscoach #publicspeaker #motivationalspeaker

 
© 2020 The Physicians Practice S.O.S. Group  All rights reserved.   |  Phone: (770) 333-9405   |   Email Us