Q: We recently took a survey and many of our employees admitted to saving their passwords in a Word® document or a Notes® file on their phone. Is this riskier than having passwords written down on paper and stored in a safe place at work or home? How can we discourage employees from writing down their passwords anywhere?
The healthcare industry in the United States has experienced a significant increase in ransomware attacks, and the trend has continued upward during the novel coronavirus (COVID-19) pandemic.
Q: In many school districts, children are required to complete immunizations before beginning school. Does a healthcare provider need to obtain consent from a parent to disclose proof of the student's immunization to the school district?
From a compliance and security standpoint, few tasks are more important for healthcare organizations than the creation and regular maintenance of an information technology (IT) asset inventory.
Q: If an individual requests an electronic copy of protected health information (PHI) and the covered entity (CE) maintains that particular record only on paper, what is the standard procedure? Can a paper copy suffice? Does the covered entity need to find a way to deliver the record electronically?
When an organization discovers a hacker infiltrating the network, the natural response is to act quickly and shut down everything.
Of course, it’s important to show urgency in a response, but urgency without a well-constructed, well-rehearsed plan won’t do an organization any good. In fact, it may even exacerbate the issue.
