RTA Information Technology
480-345-8399
HIPAA Compliance

How it affects Doctor, Dentist, and Medical Practices in Arizona:

1) HIPAA rules are mostly best security practices. HIPAA Security Standards became enforceable on April 5, 2005. The Standards require procedures and mechanisms to protect the confidentiality, integrity, and availability of electronic protected health information. Even if your Office isn't worried about regulations and fines, consider that HIPAA is really compliance with common-sense security methods. Violating Patient privacy is bad business. And it can mean that other records, including critical financial and business information, aren't secure, either. We can quickly and inexpensively put the latest security technology in place in your Practice. Good Security doesn't have to hurt. RTA, as your Security and HIPAA Consultant, will keep you secure.

2) HIPAA affects electronic information systems: Records stored on computers and other electronic devices are subject to HIPAA scrutiny. Sure, you can stick with hand-written and paper files. But you are going to miss out on the technology that your competition is using. And the cost of keeping updated backups of paper files is horrendous. You DO have offsite backups of billing and patient records, right? Fire, flood, and theft can destroy both your paper records and your computer records unless you have an effective offsite backup in place.

3) Speaking of backups.... Are your patient or business records at risk? Hard drives fail ALL the time! Data recovery, even if possible, is outrageously expensive and time-consuming. As in Health Care, prevention is the key. RAID hard drives provide continuous copies of your data on a second hard drive. Inexpensive to install, RAID reduces the odds of data loss by a factor of 10,000! RTA can quickly and inexpensively add RAID capability to your data server.
You'll also need backups. These are automatically done with modern servers, like Microsoft Small Business Server 2003. RTA can help you choose the most cost-effective automated backup system for your business.

4) What are some common HIPAA compliance tools that you'll need? You'll start with secure passwords on your computers. Good passwords don't have to be hard to remember. We'll show you tricks to provide unbreakable passwords that are easy to remember. You'll also want to stop password sharing among employees. This is a violation of common-sense security, as well as a violation of HIPAA regulations.

Did your current IT services provider tell you that Windows 95, Windows 98, and Windows NT Server are NOT secure? They aren't supported with the latest security patches, have numerous security holes, and using them puts your business in jeopardy. ANYBODY can access the data on a Windows 98 computer. You cannot have a secure or HIPAA-compliant network with these operating systems.

Any wireless networks need to be encrypted. This is easy to do, but often missed. We can also implement handy tools like SmartCards, which provide much better security than passwords and are easier to use. We'll implement file security and encryption. This keeps unauthorized employees from accessing records that they should not be accessing. And, in case of theft, it keeps the records out of the hands of the thief.

5) Is your current IT provider able to do the job right? Establishing Security policies and secure computing requires specialized training. Your "next-door-neighbor" computer repairman may be a great guy, but does he have the specialized training required to keep you safe and to keep your computers running when you need them?
Read Myron Johnson's Security and Telecommuting Blog