|
|
||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||
|
|
|
||||||||||||||||||||||||||||||||||||||||
Great Prices . Amazing Selection . Fast Delivery
* = after mail in rebate
Blog
|
|
||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||
|
|
|
||||||||||||||||||||||||||||||||||||||||
Great Prices . Amazing Selection . Fast Delivery
* = after mail in rebate
Written on January 6, 2011 by Morris Stemp in Healthcare
There have been so many new rules and regulations affecting the practice of medicine that it is hard to keep up on how they affect the day to day practice of caring for patients. One of the most important are the new HIPAA privacy and security rules related to protected health information (PHI) and the required public notifications and announcements which must be issues in the event of a breach of this privacy.
Who would think that a doctor who simply emails some patient information from his office computer/email account to his personal email account so that the doctor could do some work from home would be in breach of security and considered in violation of this privacy rule? This is exactly what happened at a Geisinger Health System hospital in Pennsylvania on November 3, 2010, although apparently that email included PHI for 2,928 patients. Due to the size of the “breach”, the hospital found itself in the embarrassing position of being legally required (by HIPAA) to notify by mail, each of the 2,928 patients, as to what transpired.
What actually did happen and what information was “breached? The doctor’s email was not encrypted which means that anyone who could access the email would have been able to read the patient names, procedures, indications and brief notes. There was not even any personal patient financial information in the email. While it was very unlikely that anyone, other than the doctor, ever accessed the email, the mere possibility of this event apparently was sufficient for the hospital legal staff to consider themselves in breach of privacy.
Read the details of the Geisinger press release here: Geisinger informs patients of disclosure of protected health information
So how does this affect Dr Smith, a sole practitioner, or an 8 doctor group practice? According to the new regulations, even a breach of a single patient must be disclosed to the individual whose privacy may have been disclosed. In the event of a breach of 500 or more records during a single event, the medical practice must also notify the Health and Human Services department which is required to post a list of all entities that have had such massive breaches.
See more details about the Breach Notification Rule here: Breach Notification Rule
Could it be that every time a doctor uses Gmail (or similar) to send a some medical information regarding even a single patient, maybe to a specialist, or even to the patient herself, that the doctor has caused a “breach”? While I am not a lawyer and certainly not providing any legal advice, it would seem to me that according to Geisinger, this action would be a breach.
How many doctors have some amount of PHI stored on their laptops? There were 221,000 laptops reported stolen in 23 months during 2008 and 2009 (Stolen Laptops). How many more are lost or never reported. Any unencrypted laptop containing even a single report of patients’ names along with even some minor PHI would almost definitely be considered a breach.
This rule also requires, even a one doctor operation, to have written policies and procedures regarding what the practice would do in the event of a breach, to train employees on these policies and procedures, and to document and apply appropriate sanctions against staff who do not comply with these policies and procedures. Thus, even without an actual breach, there are rules which must be followed and documentation which must be created.
Contact Micro Doctor your local technology experts for ways to prevent leaking PHI to personal unencrypted email accounts and unencrypted laptops.
Mark Richmond 330-898-2100 x 105
mark@microdoctor.com
Thanks to Morris Stemp for writing this informative article.
So I woke up on Christmas Eve to find my notebook infected by a new virus. My AVG Anti-Virus said that my qtime.exe was infected and failed to quarantine it, that’s I realized that this was not going to be a quick fix. AVG was unable to remove the virus.
No problem I’ll just try my trusty Malwarebytes program. It never lets me down. I started Malwarebytes and before I scanned and I’d decided to update the program. After the program was updated it wanted to restart and during the restart, AVG said that Malwarebytes contained a virus. Great, this just gets better and better all the time. The strange thing is I don’t remember doing anything that should have caused me to contract a virus, especially as QuickTime infection. Who says Microsoft is the vulnerable OS when Apple’s QuickTime caused this vulnerability.
So now I close all the programs and shut down the computer. When it started up I hit F8 and forced the laptop to start in safe mode. In safe mode I did a system restore. System restore is located in system tools under accessories in Windows 7. I picked a date two days ago before the virus had infected me and told it to restore my computer and the windows program to that time, hopefully way before the virus infected my PC.
The last time I want to do is scan my computer to make sure no remnants of the virus exist. I’ll run an AVG scan and Malwarebytes scan, if both of those come back clean and I am set to go and enjoy my Christmas.
Thank you QuickTime virus were taking some of the joy out of my Christmas.
Mark Richmond, MCSE, CSSA
Friday, December 24, 2010 12:43:23
From November 1st 2010 through January 31th 2011 business that buy computers from Micro Doctor
www.TheBusinessPCReward.com to redeem your reward
Mark Richmond
Micro Doctor Inc.
No virus found in this outgoing message.
Checked by AVG – www.avg.com
Version: 9.0.839 / Virus Database: 271.1.1/3017 – Release Date: 07/20/10 02:36:00
Check out our segment on the Daily Buzz and video production by the Business Journal.
We are a little past halfway through the segment!
Mark Richmond, MCSE, CSSA
Microsoft Certified Small Business Specialist
Micro Doctor Inc.
4195 Parkman Rd. NW
Warren, OH 44481
330-898-2100 x105
No virus found in this outgoing message.
Checked by AVG – www.avg.com
Version: 9.0.839 / Virus Database: 271.1.1/2991 – Release Date: 07/09/10 02:36:00
Posted via email from Micro Doctor’s Blog Central
A “New” way to backup to disk!
Tape drives are becoming a thing of the past. They are costly, unreliable, limited storage and wear out often. That is one reason online backups are becoming so popular. ( see http://www.microdoctor.com/services-solutions/it-services )
Now we are running into limitations with the amount of data that can be sent via internet to an offsite backup site due to internet speed constraints. Our online backup uses special tricks to only send changed data to our servers in Atlanta and Salt Lake.
So for backup that exceed 72 Gigs of changed data, we needed a new solution. We are now recommending a “RDX” Solution from HP Storageworks. RDX is a type of 2.5” Sata hard drive that is in a special case that is then inserted (like a tape) into a RDX Docking Station.
HP’s RDX solution includes its own software. It is called HP RDX Continuous Backup Software. Let’s call it CDP for short. CDP backs up everything, all the time, while the system is running. That why it is called Continuous Data Protection. Sonicwall and Barracuda have separate appliances (servers) that do the same thing for much more money.
HP leverages the USB connectivity for a lower cost way of accomplishing the same thing. Micro Doctor is a vendor neutral solution company. Meaning even though we are a Sonicwall Silver Partner, if we find a better way to protect our customer’s data at a lower cost, we are going to present it. That’s what makes dealing with a company like us not only a smarter more efficient way to handle IT projects, but we save you money and save the hassle of worrying about backups and other IT nightmares.
We did some checking to compare the RDX Solutions out there. We found 3 vendors that had RDX Solutions. The first was HP RDX Storageworks solutions that include the CDP software but they are limited to USB connectivity. We also looked at Tandberg Data who offers their own Accuguard backup software but the interesting thing they offer SATA connectivity on their RDX Docking stations in addition to USB. It is hard to say if HP’s CDP software is an OEM of the Tandberg Data Accuguard solution or not. Then there is a third provider of RDX hardware, Imation, the tape company. (HMM are they worried?) Imation provides USB internal and external docking stations but their software is a problem. They provide a workstation backup utility and partner with EMC’s Retrospec software for servers, but I was never a fan of Retrospec Backup Software. I think Imation is a good solution where you want to use existing backup software like Micro Doctor’s Local Copy option of our Online Backup Software. Our online backup solution allows you to make a local backup to a drive that is total encrypted and protected like the offsite copies we store for the customer. If you already own Veritas, ( yes I refuse to call it Symantec ) Backup Exec or System Recovery and want to move from tape backups to local disk backup drives then this may be a solution for you also.
The bottom line is that backup is critical to businesses; however it does not have to be a huge burden on the business owner. For under $1500.00 you can get a complete 500Gig HP RDX Storageworks system with 3 drives for rotating offsite and HP’s Continuous Data Protection Software which handles backups, rotations, versions, Bare Metal Restore and easy single file or folder recovery.
Contact the Solution Experts at Micro Doctor Inc. for more info on how we can help you solve your IT problems.
Mark Richmond, MCSE, CSSA
Posted via email from Micro Doctor’s Blog Central
