In today’s ever-changing cyber landscape, we talk a lot about what measures to take if you have experienced a data breach or ransomware attack. Who do I call if my patient’s health information has been comprised? Do I need to pay the ransom? How long will my organization be down and disrupt the continuity of care?
In today’s busy world it’s not uncommon for organizations to outsource work to third-party vendors. This can be a great benefit for many reasons: less pressure on the internal team, more time for other pressing tasks, expertise in areas that require more guidance and operational control and efficiency, to name a few.
An organization’s approach to governance, risk, and compliance can have a huge effect on business. In today’s world of cyber breaches and ransomware attacks on companies of all sizes and scope, organizational leaders must work together to ensure their approach to GRC is intact.
The world of health information management (HIM) continues to evolve. Larger percentages of information have moved to digital and online. At the same time, more health data is being shared across a wider playing field of public, private, and consumer stakeholders, including a larger virtual workforce. This vast amount of electronic healthcare data now resting in multiple hands raises the bar for health systems’ cybersecurity diligence.
ComplyAssistant’s President and CEO Gerry Blass and Community Options’ Director of Technology Jason Tahaney recently authored an article in HCCA’s Compliance Today magazine titled “How Simplifying your IT Environment can Bolster Security.” The article provided important tips and best practices for CIOs to keep in mind. As the present-day cybersecurity environment continues to be ravaged by hackers and scammers, this article serves as a reminder that sometimes the best tools for mitigating risk are in your own backyard.
ComplyAssistant President and CEO Gerry Blass recently sat down with Healthcare IT Today Editor and Founder John Lynn to discuss “The Impact of Ransomware on Healthcare Disaster Recovery and Business Continuity and Practical Steps to Improve.” Throughout the conversation, Blass shared his expert advice on why all organizations need a Disaster Recovery Business Continuity (DRBC) plan and offered useful tips for mitigating risks within your organization.
In the aftermath of the COVID-19 pandemic, it’s more important than ever for healthcare providers to maintain industry standards for patient care within their respective enterprises. State departments of health (DOHs) are taking a closer look at emergency preparedness plans with a more intentional focus on pandemic response through the implementation of spot or “surprise” audits.
As cybersecurity threats continue to wreak havoc on companies of all sizes, the importance of education and training for leaders is critical. In partnership with HFMA New Jersey, our team hosted a free, comprehensive webinar with health information technology (HIT) leaders from three of the top healthcare organizations located in New York and New Jersey. The discussion focused on internal and external cybersecurity risks and identified new risks directly resulting from the COVID-19 pandemic.
In today’s world, it’s easier than ever for hackers to take advantage of organizations online. Recent examples of this have come in the wake of the Colonial Pipeline attack and the Scripps Health EHR breach. The repercussions of both attacks—which include gasoline shortages up and down the east coast and disruption of EHR, website, and patient portal—are continuing to be felt long after the bad actors do their dirty work. So, what can organizations do to protect themselves?
In the 70s and 80s, healthcare organizations started to migrate their patient management information from hardcopy to electronic, either on shared mainframes such as SMS and McAuto or on microprocessors. The user workstations had no intelligence and were known as “dumb terminals.” There were limited locations of electronic identifiable health information. There was no motivation to sell identifiable health information.