HIPAA has not changed during COVID-19, and is arguably more important now.
During COVID-19, there has been in increase in healthcare breaches, cyber attacks and fraudulent COVID-19 websites.
We can help your practice stay on top of the latest healthcare news, rules, regulations and trends. Subscribe to stay current and up to date on important matters that will impact your practice. (To subscribe to our blog click here).
While the Office of Civil Rights has stated that they will exercise discretion and not penalize healthcare entities for providing telehealth without all HIPAA-required measures in place, healthcare security continues to be incredibly important.
Why is security surrounding your patients’ protected health information (PHI) so important?
Breaches are continuing to impact healthcare practices, as PHI is valuable on the black market.
Recently, a Pennsylvania health system has been threatened by Netwalker, a ransomware operator. Netwalker has threatened to publish data online if ransoms aren’t paid. It is auctioning off data online.
So how can you protect your practice from similar threats?
Make sure that your employees are trained and up to date on your risk assessment and all policies and procedures. Ensure that your HIPAA inventory of devices is updated on a consistent basis.
With large trends toward telehealth, protecting your patient information and patient trust is critical.
When is the last time you had a training for your employees? Trainings should be conducted regularly. It might be a good idea to send a fake phishing email and track the results. Warn your employees about fake sites purporting to display COVID-19 information.
It is essential that you make sure you are aware of increased risks during COVID-19, especially if you have employees working from home.
Check to ensure that all of your security measures and backups are working correctly while employees are remote.
Make sure that no one other than the employee has access to the device on which they are accessing PHI from home.
Finally, make sure that your employees are trained on what do in the event they suspect a breach, a phishing email, or a potential threat to your practice’s data.
If you need help updating your practice’s policies or training employees, contact your healthcare attorney.
It is essential to protect your practice now from cyber attacks.
In our next blog post, we will keep you informed of related issues. To get this important information delivered directly to your mail box, click here to Subscribe.
Do you need help staying current and compliant with the latest laws, rules and regulations? We can help. To contact us about your new government rules and regulations, your practice’s risk assessment, or about your other legal needs: CLICK HERE.