All Posts Tagged: smal medical practice hipaa

911 dispatcher fired

911 Dispatcher Fired For Sharing Caller’s PHI on Facebook

A Catoosa County 911 dispatcher was fired Friday morning for sharing on Facebook the private information of at least one person who called 911.

Holly Dowis was terminated Friday following an internal investigation into her conduct while on the job.

A Channel 3 investigation found Dowis sent a screenshot to Facebook friends in a private chat of one man’s call to 911 requesting emergency assistance.

Sixty-year-old Ringgold resident Ron Darnell called Catoosa County dispatch on December 23rd when he had a blood clot which resulted in an “embarrassing” medical problem.

“I had a blood clot break loose and come out of my body,” he said. “I called to get emergency help and I almost died that day.”

911 Dispatcher FiredThe 911 dispatch screen detailing his call included his name, phone number, address and exact medical complaint. Dowis then took a photo of all that personal information and posted it to a Facebook group chat with some friends.

“A call I just took,” Dowis wrote.

Darnell fears he’s not the only victim. “If they put out mine, how many others have they put out of other people that don’t know it and just making fun of people?”

Dowis has worked with the county since 2007 and was named communications officer of the year in 2013.

“911 is an organization that we must rely on to keep information confidential and to communicate that information to law enforcement officials only and she has violated the public trust,” said Chattanooga Attorney Stuart James.

County Manager Jim Walker said Dowis was fired for misconduct and violating federal and county rules. The county learned of the allegations Tuesday, placed Dowis on administrative leave Wednesday, concluded its investigation Thursday and officially terminated her Friday morning at 11 a.m.

Walker said Dowis had committed similar offenses in the past, though not to this severity, and had been issued warnings.

Darnell told Channel 3 that her losing her job is not enough. He wants to see criminal charges filed against Dowis, which Chattanooga attorney Stuart James said is not far-fetched.

“There’s this thing called HIPAA that guarantees our medical records remain private and that they are private from other people seeing those records,” Stuart James said. “What I see here is not only did she discuss the medical condition the man was suffering from but also named his name, put his address of the Internet and it was a huge privacy concern for him, a huge HIPAA violation, and a huge problem for the 911 center down in Georgia.”

James said criminal charges would be up to a district attorney. But he said in terms of a civil lawsuit, there are issues of a man’s right to privacy, HIPAA violations, and possible libel and slander.

Channel 3 reached out to Dowis and left her a voicemail asking for her side of the story. She has not returned that call as of early Friday afternoon.

Original content by WRCBtv

Read More

3 Things to consider before migrating to the Cloud

Cloud computing grows more popular by the day, and it continues to show its value to the healthcare industry. Being able to dynamically access content while online is a great asset. But, of course, this doesn’t come without taking some risks and gambling your data’s security. Thankfully, there are some ways in which you can tip the odds in your favor.

To help you successfully leverage your technology to meet the needs of your organization without compromising your data’s security, we’ve assembled three common risks that are typically associated with Cloud solutions, and how to successfully avoid them.

Number 1: Data Theft
The most obvious risk to your organization’s data, and any information that’s stored online, is data theft, and other types of hacks that could compromise or even corrupt your mission-critical information. No matter how small or large your organization is, it’s a target for hackers and threats of all kinds, especially in the online environment.

It’s important that you understand that there’s no way to ensure that your practice’s data is 100 percent protected from all types of threats found on the Internet. It’s just not feasible. As long as your organization’s data is stored in an online environment, there’s always going to be a possibility (no matter how slim) that a hacker will get their hands on your data. What you can do, however, is optimize your network and Cloud security to ensure that this possibility is minimal at best. To find out more information about online data security, contact CAM and ask us about our comprehensive security solutions for the online environment.

Number 2: Compliance Violation
Many organizations in specific industries are subject to compliance laws pertaining to the storage and sharing of sensitive information. Due to the nature of cloud storage, using it to store sensitive information in an online environment can have unexpected complications. For example, if this information were to be compromised, what would you do? Depending on the situation, you will be required to inform the victim of the breach, and/or be subject to a costly fine.

Naturally, it’s your responsibility to ensure that your systems are meeting the compliance standards set by your industry. Depending on what type of orperation you run, there are specific criteria that must be met for any kind of sensitive information stored online. Chances are that if your organization collects this information, you’re subject to compliance laws that are often convoluted and difficult to understand. CAM HIPAA Solutions can help make this easier.

Number 3: Immense Downtime
If your practice only stores information in the Cloud, what would happen if that information were suddenly unavailable due to downtime? Hosting your data in the Cloud demands that you need an Internet connection; if this is lost, you’ll be staring downtime in the eyes. This, in essence, is major roadblock that can set your organization behind schedule, break your operations budget, and overall, become quite a nuisance.

This is the reason why you want your information stored in multiple locations; you should be able to access your organization’s data and mission-critical applications from both online and offline systems. This minimizes downtime and improves mobility, which is invaluable for remote workers.

Read More
complying with hipaa 2015

Lync: Guidelines for Complying with HIPAA 2015

Guidelines for complying with HIPAA privacy and security rules when using Lync

  • HIPAA requirements
  • Guidelines for securely storing and sharing sensitive data
  • Use disk encryption
  • Use a secure messaging application
  • Don’t save Lync call logs
  • Disable missed call notifications and voice mail text previews

To learn more about encryption and complying with HIPAA 2015, check out our FAQs section for encryption.

HIPAA Requirements

HIPAA compliance requires protected information to be encrypted when it’s “at rest” (i.e., in storage) and “in transit” (during transmission over a communications network). For further definition of these concepts, see Data Encryption.
All data “in transit” via Lync (for instant messaging, or voice or video conversations) are encrypted during transmission.
Information stored on servers is also encrypted. This, plus the additional measures of housing the Lync and Outlook servers in the CAM Hosted Exchange Data Center, and restricting physical and administrative access to them, satisfies one end of the “at rest” requirement.
However, the other end of the “at rest” requirement must be met client-side (i.e., on your computer). It is important that you (or your companies IT Pro) take the following recommended precautions to ensure the devices (e.g., computers, laptops, and mobile devices) and applications (e.g., Lync/Skype for Business, and Outlook) you use are properly secured to protect any sensitive data they store or transmit.

Guidelines for Securely Storing and Sharing Sensitive Data

CAM recommends taking the following precautions if you store or communicate data that contain protected health information (PHI) or other sensitive data protected by HIPAA.

Use Disk Encryption

Use disk encryption on any desktop system, laptop, or portable device you use to access or store sensitive data. We prefer DESLock Enterprise because of its central management capabilities.

Use a Secure Messaging Application

Use a secure messaging application, such as the Echoworx, when you use Outlook to forward email and voice mail messages containing sensitive data. See our Encrypted Email FAQs

Don’t Save Lync Call Logs

Make sure Lync is not saving your call logs (this applies to Windows computers only).

To do so:

  • In Lync, in the upper right corner, click the Options (gear) icon.
  • From the menu on the left, select Personal.
  • Make sure the box next to “Save call logs in my email Conversation History folder” is unchecked.
  • Click OK.
Disable Missed Call Notifications and Voice Mail Text Previews

Disable missed call notifications and voice mail text previews of voice messages; you must use the Outlook Web App (OWA) to access these settings.

To do so:

  • Log into OWA , and in the upper right, click the Settings (gear) icon. Click Options.
  • In the left navigation bar, click phone.
  • To disable missed call notifications, at the top, if necessary, click voice mail. Under “notifications” (you may need to scroll down), uncheck the box next to “Send an email message to my Inbox when I miss a phone call”. Additionally, if you have text message notifications set up, select I don’t want to receive text messages about missed calls and voice messages.
  • To disable text preview of voice messages, on the voice mail tab, under “voice mail preview”, uncheck the boxes next to “Include preview text with voice messages I receive” and “Include preview text with voice messages I send through Outlook Voice Access”.
  • To save your changes, in the bottom left, click save.
Read More

HIPAA Settlement Reinforces Need to Be Proactive

As the Department of Health and Human Services’ (“HHS”) Office of Civil Rights (“OCR”) proceeds with its second round of HIPAA audits, this time covering business associates as well as covered entities, a recent settlement with a physician group providing cancer care services serves as a reminder that failure to take HIPAA security seriously can result in hefty fines and a supervised corrective action plan.

Read More
warner chilcott settlement

HIPAA Lessons from the Warner Chilcott Settlement

Last week, the US Attorney’s Office in Boston announced that drug company Warner Chilcott agreed to plead guilty to health care fraud and pay $125 million to resolve criminal and civil liability arising out of allegations involving the promotion of the company’s drugs.

Read More
Fear Itself Speech 修改 文章 英文 click through the following web site | Advanced Trading Tools · Learn How to Trade opciones binarias demo click here now
Loan Canada go credit visit their website