Hipaa Wall (https://hipaawall.com): Healthcare Security Experts
Wed, 28 Mar 2018 21:22:25 +0000

HIPAA Wall – A Structure of Safety, Security, and Confidence
https://hipaawall.com/hipaa-wall-a-structure-of-safety-security-and-confidence/
Fri, 09 Mar 2018 14:02:24 +0000

In the sometimes-complicated and ever-changing world of healthcare compliance, there are two (at least) rather challenging and undeniable facts:

One is that you don’t have a choice as to whether to be HIPAA compliant or not: it’s the law. If you don’t adhere to the provisions of HIPAA (the Health Insurance Portability and Accountability Act of 1996), you’re opening yourself up to a host of fines and penalties that could seriously compromise the livelihood of your organization. The second challenge is that it’s getting harder and harder to remain HIPAA compliant, with the rising number of requirements, patients, and records as well as the unfortunate growing reality of cybercrimes and computer security-related threats.

 

There’s good news, though, because there are two reassuring facts that can encourage healthcare organizations in their pursuit of HIPAA compliance:

 

One, healthcare companies have no excuse for being unaware of the exact number, nature, and specificities of HIPAA law. There may be a lot of them, but they’re easily accessible. Second, with the right team, infrastructure, and process, any healthcare organization can not only be in complete compliance but in full confidence that they’re doing all they can and the best they can to keep safe, secure, and productive.

That’s why we created HIPAA Wall: to help companies meet and manage their numerous and often complicated HIPAA requirements as well as ensure their corporate infrastructures are safe from the growing threat of cyberattacks and data breaches. It’s also a way to make sure companies are competent and confident in what they’re doing.

 

Just as your IT firewall protects your company from outside security threats and inside data leaks, HIPAA Wall is designed to help companies keep educated, safe, and HIPAA compliant. This gives privacy and compliance officers and IT directors greater knowledge and control over the mountain of electronic health records, codes and regulations, and HIPAA requirements they face every day.

HIPAA Wall centers around these four cornerstone offerings:

▪ Data Loss Prevention gives companies ultimate visibility into where and how sensitive data is going, allowing them to manage where their most critical data is being sent and how it is being received.

▪ HIPAA Risk Analysis is a rigorous and detailed identification and prioritization of key risks currently facing a company, exploring the likelihood of a breach and the magnitude of its potential impact.

▪ HIPAA Cyber Security Training provides comprehensive, engaging, HIPAA-compliant security training to employees, reducing the chance of a data breach.

▪ Penetration Testing is a proven methodology that replicates real-world attack scenarios, testing an IT infrastructure so that companies can protect confidential data from today’s ever-evolving threats.

HIPAA compliance and IT competence don’t come by accident. They’re the result of having an experienced and educated team of experts who know what they’re doing and do it well. It’s about obtaining the right tools and technology to be proactive in detection and proficient in execution and remediation. And it’s about having the corporate resolve to do the repetitive and consistent things that build excellence and confidence over time.

 

There are many ways to achieve HIPAA compliance. It’s more about having a plan for achieving that compliance instead of installing this software or that hardware. Our goal is to walk customers through the HIPAA process and create solutions that match their business needs.

 

For HIPAA compliance, you can hide behind a wall of ignorance, inability, or inaction, or you can stand behind a HIPAA Wall of strategy, execution, and productivity. It’s your choice.

 

 

What is HIPAA Wall?
https://hipaawall.com/what-is-hipaa-wall/
Fri, 02 Mar 2018 20:10:29 +0000

DKBinnovative’s vCIO Randy Haba discusses why DKBinnovative designed its HIPAA Wall website and services — to better educate and protect clients in the healthcare industry.

DKBinnovative Launches New HIPAA-Compliant Program and Website for Healthcare Industry
https://hipaawall.com/dkbinnovative-launches-new-hipaa-compliant-program-and-website-for-healthcare-industry/
Fri, 02 Mar 2018 19:55:56 +0000

Frisco, Texas (March 1, 2018) – Dallas-based IT managed security service provider, DKBinnovative, is offering a new healthcare compliance and cyber security program, HIPAA Wall, to help companies meet and manage their numerous and often complicated HIPAA requirements as well as ensure their corporate infrastructures are safe from the growing threat of cyber attacks and data breaches.

 

Just as an IT firewall protects companies from outside security threats and inside data leaks, HIPAA Wall is designed to help companies keep educated, safe, and HIPAA compliant. This will give healthcare IT and security specialists greater knowledge and control over the mountain of electronic health records, codes and regulations, and HIPAA requirements they face every day.

 

“Maintaining an optimal IT defense and making sure you’re completely HIPAA compliant isn’t an option anymore,” says DKBinnovative president and CEO, Keith Barthold. “If you’re not keeping on top of regulations, your company is at great risk for fines and penalties that can be crippling to many businesses.”

 

HIPAA Wall centers around four cornerstone offerings:
▪ Data Loss Prevention gives companies ultimate visibility into where and how sensitive data is going, allowing them to manage where their most critical data is being sent and how it is being received.

▪ HIPAA Risk Analysis is a rigorous and detailed identification and prioritization of key risks currently facing a company, exploring the likelihood of a breach and the magnitude of its potential impact.

▪ HIPAA Cyber Security Training provides comprehensive, engaging, HIPAA-compliant security training to employees, reducing the chance of a data breach.

▪ Penetration Testing is a proven methodology that replicates real-world attack scenarios, testing IT infrastructure so that companies can protect confidential data from today’s ever-evolving threats.

 

“Most companies lack the personnel, training, and resources to protect their data, their patients and customers, and their reputation while keeping HIPAA compliant,” said Barthold. “With HIPAA Wall, you get a team of seasoned and knowledgeable IT specialists who are experts in both healthcare and IT security.”

 

The DKBinnovative team — which has worked successfully with more than 60 hospitals and 200 practices — is on the front line of the cyber war to keep clients secure and compliant.

 

About DKBinnovative
DKBinnovative provides reliable and highly secure managed IT solutions that allow clients to optimize their technology and accelerate their business goals. DKBinnovative maximizes workforce productivity through a proven proprietary process, guaranteed to deliver measurable end-results most organizations have never experienced. With DKBinnovative as an IT partner, clients can focus on core responsibilities and objectives while DKBinnovative works to improve client IT performance and productivity. DKBinnovative is currently seeking strategic acquisition opportunities. Learn more at www.dkbinnovative.com.

FOR IMMEDIATE RELEASE
For more information, please contact:
Lauren Yates
ThinkWell Consulting
703.593.3184
lauren@thinkwellconsulting.com

HIPAA Compliance Isn’t Rocket Science
https://hipaawall.com/hipaa-compliance-isnt-rocket-science/
Tue, 27 Feb 2018 23:16:36 +0000

Keith Barthold explains that HIPAA compliance is not rocket science — while it can be complex, it’s not highly technical. Staying compliant is more about process discipline and intentionality.

Selecting Your Next Healthcare IT Partner
https://hipaawall.com/selecting-your-next-healthcare-it-partner/
Tue, 05 Sep 2017 12:45:32 +0000

In 2016, the top five reasons for outsourcing IT were enhanced security, a proactive approach to technology, maximizing operations, access to newer technologies, and cost savings. As a healthcare provider, finding a technology service provider with healthcare experience is also vital for you.

 

Per Omnibus federal law, your technology provider must not only sign a Business Associate Agreement (BAA) but must also have an in-house HIPAA compliance program similar to yours as the Covered Entity. They should protect your PHI, maintain HIPAA, HITECH and HB300 compliance for your organization, and be bonded with an E&O, general liability, and cyber policy that covers ePHI data breach.

Not just any IT service provider will do. Here are questions to help you evaluate whether your current provider or outsourcing provider is the right prescription for you:

 

What customized support programs will be offered?

Is service customized based on your business requirements, rather than a “Silver, Gold, Platinum” one-size-fits-all package? You want the “right” package, not anything less than their very best.

 

How would they create a Disaster Recovery or Business Continuity plan for you? 

Disaster Recovery and Business Continuity Planning are a key part of technology management; they should be able to describe their process to identify your unique needs.

 

How will they keep you informed?

Do they send you automated reports or will they have someone meet with you on a regular basis? Do they have a well-planned process around identifying & communicating risks?

 

How will you and your provider measure success?

Response time and absence of downtime should not be the only factors. Are there quantified success criteria tied to productivity?

 

How is their team structured?

World-class IT can’t have proactive and reactive support people in the same roles. A firefighter who is also expected to practice prevention will always be consumed with putting out fires. Your provider should be staffed with 50-80% proactive roles dedicated to preventing problems.

 

What is their process to ensure your network is compliant with industry-accepted best practices?

This should be a documented process that is completed on a regular basis, not just a reactive series of site visits.

 

How frequently will an inventory of technology assets be reviewed, updated, and what is the process to maintain documentation?

It’s important that they can articulate processes and systems built around capturing and maintaining documentation. Is it always current and readily available? Is there a repeatable process in place to manage risks?

 

Choosing a provider with strong business acumen is key to security, operations, savings and ability to resource new technologies. Choosing a technology partner that understands your business is a vital prescription to success.

 

At DKBinnovative, we love what we do. We would be happy to visit with you to learn more about your business and help evaluate if outsourcing is beneficial for you. Call us at (469) 828-2468.

Social Media and HIPAA Compliance
https://hipaawall.com/social-media-and-hipaa-compliance/
Tue, 05 Sep 2017 12:40:13 +0000

Let’s face it, social media is part of every business today. Healthcare providers using social media face thousands of dollars in HIPAA penalties and fees if there is a breach of protected information. Do you have a clear policy and procedure for your team? Here are basic best practices to consider.

 

Create a policy document for the type of information that will be allowed for every social platform you use. 

Everything shared on the internet is eternal, and every social media platform has its own privacy and usage policies for images uploaded to its systems. Whether you are sharing happy patient pictures and their stories of well-being on your own website or on Twitter, Facebook, etc., remember they can be downloaded and used by anyone on the internet. Be careful not to disclose any personal information about your clients that identity thieves could use to obtain additional information. Your policy and procedure should include a form authorizing use of images and information for marketing purposes, with the form and the retention of the authorization reviewed by your legal counsel. Don’t forget to have your employees sign as well.

 

Protect social media access

Ensure that employees authorized to access and manage social media accounts are trained on HIPAA policies. If you have a third party manage social media, verify they understand the importance of HIPAA rules. Anyone with access to social media accounts should also follow best practices for login credentials and passwords to protect against unauthorized access.

 

Monitor your social media accounts and have an incident response plan

To limit the impact of unauthorized content that is not compliant with your social media policy, you must monitor your account frequently. Social media managers can mistakenly post a personal message on a business account instead of their personal one, or you could be hacked or have the wrong image uploaded. Mistakes happen, as we are only human. Be sure you have an incident response plan for each social media platform that includes information and process on how to verify ownership of the account, remove content, or disable the account when needed. Make sure you have up-to-date contact information for management and social media manager(s).

 

Template policies and procedures

The Office for Civil Rights (OCR) fines providers for using sample policies that they do not follow. It may be necessary to create custom policies and procedures and document that your staff is complying with these policies.

 

Risk Mitigation and actions you can take

Conduct a full annual risk analysis that assesses systems and provides both HIPAA Security Compliance and Threat Analysis. Document compliance activities and implementation of policies. Utilize custom HIPAA security policies based on your organization and avoid generic templates. Breaches can happen often, so stay on top of compliance all year round.

What is HIPAA Compliance?
https://hipaawall.com/what-is-hipaa-compliance/
Tue, 05 Sep 2017 12:32:21 +0000

As a health care entity, you know one of your biggest priorities is keeping your patient data safe. That’s really what HIPAA/HITECH is designed to do. It’s a set of standards and compliance that you’ve got to follow to protect patient information. It’s also the law, so it’s important that you know what the law states and what it doesn’t so you’re taking the right approach to secure data and be compliant with the law.

Those who choose not to be compliant with HIPAA are subject to a multitude of fines. Some of the statistics we’ve seen suggest that the average cost of a major data breach within a healthcare entity is about two million dollars.

When it’s all said and done, that can extend out to about four million dollars when you look at all of the bad public relations that occurs, because if more than 500 patients are breached, you’ve got to go public and publish it through the media as well as contact every one of those patients who were breached. That’s enough to take down hospitals or physician practices.
