As we cope with the COVID-19 pandemic, it is important to take a few extra measures to protect your organization, your patients, and your clients—as well as your data.
Q: What are the essential steps when conducting a risk analysis? Are there any sample tools out there to provide guidance on best practices for risk analyses? How often should organizations be conducting these tests?
The complexity and competitiveness of today’s business environment require that organizations have early warning systems to identify times when they face certain risks. Compliance officers should be active participants in the organization’s risk assessment process.
Q: Workers will likely remain remote for the foreseeable future, but as coffee shops and restaurants begin to reopen, it’s possible that employees may be accessing protected health information (PH) in these locations. While it is best practice to avoid doing this altogether, what should employees do to avoid exposing PHI in this scenario?
The rate at which cybercriminals target healthcare organizations continues to rise, and the consequences of the attacks are becoming more severe. Two recent high-profile attacks illustrated the urgent need for healthcare organizations to defend against cyberattacks, particularly those involving ransomware, and the importance of comprehensive backup policies and procedures to continue operations in the event of an attack that compromises the network.
Q: If employees are working remotely and accessing protected health information (PHI) not only on their computers and mobile devices, but printing it as well, how should they safely dispose of the printed PHI?
