ELEVATE YOUR HIPAA COMPLIANCE: Explore Our Enhanced Toolkit Today
Access Toolkit
Purchase Toolkit
Back to Blog

Our experts talk security with rural health care group

PrivaPlan President David Ginsberg led three sessions at the Colorado Rural Health Care’s (CRHC) annual conference in Colorado Springs this week, addressing rural hospital and clinic administrators, primary care providers, and quality and technical staff.

Ginsberg, who also serves as CRHC Senior Advisor, presented on Meaningful Use, MIPS and MACRA Updates and Network Auditing for HIPAA Compliance. He also led a Cyber Security Panel with two PrivaPlan team members, Lil Sonntag and Ron Bebus, and that’s the session we’ll cover in this post. The PrivaPlan team discussed several issues that challenge IT departments.

“Right out of the gate, 15 to 25 percent of your employees fall prey to a phishing email that looks like it came from a credible source,” said Ginsberg about phishing tests conducted by PrivaPlan. After reviewing the results with staff, follow-up phishing tests usually drop to about eight percent of employees being duped. But don’t celebrate just yet, because as he pointed out, “In security, one percent is too high a failure rate.” Part of the problem is that employees continue to multi-task at their computers and absentmindedly click on bad links. Phishing tests are a good way to get these employees re-focused and keep your data safe.

Failure to have endpoint protection provides another gateway for hackers. Endpoints are every single device that is connected to the network. From an ultrasound machine in the radiology department to a printer on the CEO’s desk, each item must be accounted for and secured. “Hackers will look for every way to get into your organization and you should too,” said Bebus. PrivaPlan has a tool that finds and scans every endpoint for vulnerabilities and therefore helps you stay at least one step ahead of the bad guys.

As simple as it sounds, simple passwords make it simple for data to be compromised. Keep passwords strong and keep them hidden. Sonntag shared that during some of the walk-throughs she does for PrivaPlan, she’ll open desk drawers and find passwords written on notepads. Fail.

Do you know how many times your front desk person has looked at a patient file? Or when and why? If you audit your systems regularly you do. PrivaPlan can help with that too.

The conference wrapped up Friday and Ginsberg and team are back on the road doing what they do best, helping you stay HIPAA compliant. If you have questions, they’ve got answers. Reach our team at info@privaplan.com or call 877-218-7707.

 

 

Related Posts

Recent Posts

Categories
Tags
AI Articles artificial intelligence Blog board Breach business associate CISO cyber risk cybersecurity cybersecurity awareness training electronic medical records email breach executive order Federal HIPAA Changes Final Rule health care health privacy HIPAA hipaa compliance HIPAA Training Meaningful Use Medicare multi-factor authentication OCR ONC passwords PHI phishing Policies & Procedures policies and procedures Privacy Quotes Ransomware Security Security Risk Analysis security training Service Technology Testimonials toolkit Training Materials two-step authentication website analytics website trackers

Get Started Today

Email us at info@privaplan.com or submit the form below:

Sign Up for Updates

Contact PrivaPlan

Telephone Sales & Support
505-466-1432  or
Toll Free: 1-877-218-7707
Fax: 505-466-3942

E-Mail Sales & Support
Customer Support: support@PrivaPlan.com
Sales: orders@PrivaPlan.com

Mailing Address:
PrivaPlan
5 Caliente Rd, Ste 3,
Santa Fe, NM 87508

© 2024 PrivaPlan Associates, Inc, all rights reserved.

FOLLOW US

Linkedin Envelope

Access PrivaPlan Toolkit

Click here to access

Access CMA-PrivaPlan Toolkit

Click here to access

Sign up for updates

  • Be Proactive In Compliance

Sign up. Learn about Compliance

Subscribe now for up-to-date information about privacy & security compliance! You’ll receive emails regarding news about compliance & alerts for new blog posts.