Industry best practices and implementation guides
The recent HIPAA breach reports with CHS and Cedar Sinai are enough to keep healthcare CIOs and Security Officers awake at night. Such events pushed healthcare organizations into reactive mode and concerned about their potential vulnerabilities.
Krishna Kurapati
Last year, we shared 10 steps to take when (not if) your organization is hit with a ransomware attack. Now that several months have passed, the number of malicious cyber attacks that have plagued IT professionals has grown exponentially. The stakes have never been higher. Public services, financial data, and protected health information are all in jeopardy when such widespread security compromises take place.
Ben Henson
90 days. That’s all the time healthcare organizations have between now and the September 23 HIPAA Omnibus compliance date. Understandably, most healthcare compliance officers are focusing on the significant changes spelled out in the regulations: obtaining business associate agreements, updating notices of privacy practices, and training staff members on the changes to the law.
Krishna Kurapati
The Golden State has been under siege from devastating wildfires, unlike any they have seen before. At the time of this article 140,000 acres have been consumed due to the Camp Fire just North of Sacramento which is considered only 40% contained. Camp Fire has grown to be the most destructive and deadliest wildfire in California’s history.
A focus of many hospitals, ambulatory surgical centers, and clinicians is improving surgical outcomes and post-op recovery for the patients they serve. And with good reason. Not only do these providers care about their patient outcomes and recovery experience, but the information is now publicly searchable on sites like Healthgrades.com.
Value-Based Healthcare is increasing financial risk for healthcare organizations. With the new bundled payment programs, your responsibility no longer ends at patient discharge. Hospitals, skilled nursing facilities, and home health organizations can no longer be loosely aligned to succeed.Hospitals frequently lose track of a patient’s recovery after discharge because they are loosely aligned with skilled nursing facilities and home health nurses. These healthcare organizations have no easy way to collaborate with doctors to report patient issues.
Ben Henson
Seemingly everyone in their organization wants to adopt a bring your device (BYOD) mobile policy. However, the benefits of empowering employees with greater access to data typically drown out the lingering data control concerns.If you find yourself considering a BYOD policy, first think about your risks. As any OCR/HHS or hospital CIO, who has suffered through a data breach, will tell you, security risk assessments are vital to a HIPAA compliance plan. So what are the unique risks of adopting a BYOD policy in the healthcare world?
Krishna Kurapati
For years, cloud-based healthcare vendors had tried to avail their organizations to the conduit exception to HIPAA. Broadly speaking, the conduit rule exempts entities from complying with HIPAA if they only transmit and do not access PHI (usually on behalf of a Covered Entity). In the buildup to the Omnibus Rule, PHR vendors, data storage companies, and other cloud-based providers lobbied HHS to broaden the scope of the conduit exception.
Krishna Kurapati
As portions of the United States start to resume “normal” operations, the Center for Medicare and Medicaid Services (CMS) has released another round of waivers targeted towards the Hospice industry. With fresh guidance on timelines - CMS is actively working to provide resources to relieve some stress for healthcare workers nationwide. In line with previous guidelines, these changes go into effect immediately without healthcare providers having to request waivers from CMS.
It is critical that underserved populations receive the care they deserve, as the global community continues to wrestle with the pandemic. Here at QliqSOFT, we are aware of the communication gap that too often exists in hospitals and clinics, ultimately keeping individuals from preventative and life-saving care.
One of the most important aspects of qliqCONNECT security is how we encrypt your messages. First, all network connections are encrypted with transport encryption called TLS. So all communication over the Internet is secure. Second and more importantly, qliqCONNECT encrypts the message content using Public-Private Key Encryption. With this approach, every user on qliqCONNECT has a unique encryption key and each message is encrypted for a single particular user.
When thinking about a healthcare emergency preparedness plan, how much does compliance matter in your disaster communications? If your organization is in the throes of a power outage from heavy storms or a cyber attack that’s left your network down, thoughts of compliance may not be top of mind.
Ben HensonStay informed with the latest articles and insights on best practices.