Q: Workers will likely remain remote for the foreseeable future, but as coffee shops and restaurants begin to reopen, it’s possible that employees may be accessing protected health information (PH) in these locations. While it is best practice to avoid doing this altogether, what should employees do to avoid exposing PHI in this scenario?
The rate at which cybercriminals target healthcare organizations continues to rise, and the consequences of the attacks are becoming more severe. Two recent high-profile attacks illustrated the urgent need for healthcare organizations to defend against cyberattacks, particularly those involving ransomware, and the importance of comprehensive backup policies and procedures to continue operations in the event of an attack that compromises the network.
Q: If employees are working remotely and accessing protected health information (PHI) not only on their computers and mobile devices, but printing it as well, how should they safely dispose of the printed PHI?
The Georgia Department of Human Services (Georgia DHS) on October 9 reported a security incident that potentially affected 45,732 individuals, according to the Office for Civil Rights (OCR) breach report.
Q: Can an independent radiology facility mail postcards with a reminder that it's time for patients to schedule? The postcard would include the patient's name and address, obviously, but then either a check mark by screening mammogram or the words “follow-up exam.”
Oaklawn Hospital, a healthcare provider in Marshall, Michigan, recently reported a security incident that potentially impacted 26,861 individuals, according to the Office for Civil Rights (OCR) breach report.
Q: We recently took a survey and many of our employees admitted to saving their passwords in a Word® document or a Notes® file on their phone. Is this riskier than having passwords written down on paper and stored in a safe place at work or home? How can we discourage employees from writing down their passwords anywhere?
The healthcare industry in the United States has experienced a significant increase in ransomware attacks, and the trend has continued upward during the novel coronavirus (COVID-19) pandemic.
Q: In many school districts, children are required to complete immunizations before beginning school. Does a healthcare provider need to obtain consent from a parent to disclose proof of the student's immunization to the school district?
University of Missouri Health Care (MU Health Care), a health system located in Columbia, Missouri, on September 17 reported a security incident that potentially affected 189,736 individuals, according to the Office for Civil Rights (OCR) breach report.
