Why the Blue Cross Blue Shield Data Breach is Alarming

A recent data breach at Blue Cross Blue Shield of Michigan (“BCBS”) leaves almost 15,000 of their customers in danger of having their personal information stolen. On Friday, BCBS started informing customers of one of its Medicare Advantage plans of the potential breach. The notification is merely precautionary as there is no conclusive evidence as to whether the information has been compromised.

This recent breach can teach us about our own security when it comes to patient data. Although the BCBS employee, whose laptop was stolen, had their laptop password-protected and encrypted, there is still potential that their credentials were compromised and patient information was improperly accessed.

We can help your practice get up to date and prepared to minimize breach risks from employees and third-party vendors. Subscribe to stay current and up to date on important matters that will impact your practice. (To subscribe to our blog click here).

One can never been too cautious when it comes to protecting patient information.

Here are some tips on how to prevent a data breach in your practice:
1. Designate a HIPAA compliance officer: Assign one specific employee in your office to handle everything HIPAA related. Make sure they keep up to date on requirements and hold regular meetings to keep employees informed.
2. Use your practice’s software to your advantage: Many software companies have built-in preventive measures. Be sure you use them to help keep your patient’s data secure at all times.
3. Secure computers and WiFi: Make sure all computers and devices, such as iPads, are password protected and have a screen time out feature. Make sure your WiFi is also password protected, and do not let employees give the password to others. You can have an unlocked network for patients to use if necessary but you must have a secure log-in of the practice’s network.
4. Perform a risk assessment: The only real way to know if your practice is at risk of a breach is to have a HIPAA risk assessment completed. This will help you to learn of areas where security needs to be increased or other areas that are already secure.

We can help you create or update a HIPAA Compliance Plan that includes employee training programs. Contact us today!

We publish vital information on health law topics and news every Wednesday and Friday. To get this important information delivered directly to your mail box, click here to Subscribe.

Do you need help with updating your Business Associate Agreement or negotiating contracts with third-party vendors?  We can help. To contact us about your Business Associate Agreement, your vendor contracts or your other legal needs:  CLICK HERE.

.

Leave a Reply

Your email address will not be published. Required fields are marked *