Compliance Corner: Data Breach – The 4 Million Dollar Man

In cooperation with my friends at Aspida, here’s the next article in the Compliance Corner series. Each quarter, we’ll feature a new article about HIPAA compliance, regulatory news, keeping patient data private & secure, and other topics to help keep dental practices and their patients safe. In this article, Laura Miller, Compliance Manager at Aspida, writes about best practices for protecting dental offices from cybersecurity breaches.

A report sponsored by IBM and conducted by the Ponemon Institute found that data breaches continue to grow in both number and complexity, with the average total cost of a breach now reaching $4 million. That is a 29 percent increase since 2013, and the trend shows no sign of reversing.
How exactly should you protect yourself and your practice? Let’s look at a few best practices.

Be wary of email –
Use a mail solution that has antivirus scanning and a robust spam filter enabled. Inspect every message carefully, including the sender’s address, and do not open anything that looks suspicious. Don’t believe what you see: just because an email looks real doesn’t mean it is. Scammers can fake almost anything, from a company logo to the name and address shown in the “From” field, so a familiar-looking sender is not proof of a legitimate message.

Before you click a link in any email, try to verify where it really goes. Hover your mouse or pointer over the link to see the actual destination; the text of a link and the address it leads to can be completely different. If a message asks you to log in, pay something, or change account details, err on the side of caution and confirm with the sender through a channel you already trust (such as a phone number you have on file), not by replying to the email.
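The two checks described above (does the sender address match what the display name or Reply-To claims, and does a link’s visible text match where the link actually goes) can be automated. The script below is an added example written for this article, not code from the original post or from Aspida; the two messages it inspects are constructed samples with reserved example domains and a documentation IP address, and the checks are heuristics, not a complete phishing filter.

```python
"""Heuristic checks for a suspicious email, run over constructed sample messages.

Added example (not from the original article or Aspida). It automates the two
manual checks the article recommends: compare the real sender address with
what the display name or Reply-To claims, and compare each link's visible text
with the host the link actually points to (the "hover over the link" check).
"""
import email
import re
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: display name impersonates the practice's own domain,
# Reply-To goes elsewhere, and the first link's text hides a bare-IP target.
SAMPLE_EML = """\
From: "support@dental-office.example" <support@evil-host.example>
Reply-To: billing@another-host.example
To: frontdesk@dental-office.example
Subject: Action required: verify your account
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Please sign in at <a href="http://203.0.113.5/login">https://portal.dental-office.example/login</a>
to keep your access.</p>
<p>Questions? Visit <a href="https://dental-office.example/help">our help page</a>.</p>
</body></html>
"""

# Constructed benign sample for comparison: nothing should be flagged.
CLEAN_EML = """\
From: "Front Desk" <frontdesk@dental-office.example>
To: drsmith@dental-office.example
Subject: Tomorrow's schedule
Content-Type: text/html; charset="utf-8"

<html><body><p>Schedule is posted at <a href="https://portal.dental-office.example/schedule">the portal</a>.</p></body></html>
"""

# Something that looks like a domain (optionally with a scheme) inside free text.
DOMAIN_RE = re.compile(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", re.I)
IPV4_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from every <a> tag in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Lowercase host of a URL; a scheme is added so bare domains parse too."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def addr_domain(addr):
    """Domain part of an email address, lowercased ('' if malformed)."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def check_sender(msg):
    """Flag a display name or Reply-To that claims a domain the real From lacks."""
    findings = []
    name, addr = parseaddr(str(msg.get("From", "")))
    from_dom = addr_domain(addr)
    m = DOMAIN_RE.search(name)
    if m and m.group(1).lower() != from_dom:
        findings.append(f"display name claims {m.group(1)} but address is {addr}")
    _, reply = parseaddr(str(msg.get("Reply-To", "")))
    if reply and addr_domain(reply) != from_dom:
        findings.append(f"Reply-To {reply} uses a different domain than From ({addr})")
    return findings


def check_links(html):
    """Flag links whose visible text names a host other than the real target."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        target = host_of(href)
        if IPV4_RE.match(target):
            findings.append(f"link to bare IP address {target}")
        m = DOMAIN_RE.search(text)
        if m and host_of(m.group(0)) != target:
            findings.append(f"link text shows {m.group(1)} but points to {target}")
    return findings


def triage(raw):
    """Parse a raw RFC 822 message and return a list of human-readable findings."""
    msg = email.message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    html = body.get_content() if body else ""
    return check_sender(msg) + check_links(html)


if __name__ == "__main__":
    for label, raw in (("suspicious", SAMPLE_EML), ("clean", CLEAN_EML)):
        print(label, triage(raw) or ["no findings"])
```

Running it reports four findings for the constructed suspicious message (a lookalike display name, a foreign Reply-To domain, a bare-IP link, and link text that disagrees with its target) and none for the benign one. These checks complement, rather than replace, the gateway antivirus and spam filtering recommended above.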

Encrypt data –
Encryption is certainly a hot topic right now. It is one of the safest ways to protect data from being viewed by an unauthorized party. Very simply, encryption transforms data into a form that cannot be read without the proper key.
Any time electronic Protected Health Information (ePHI) is sent by email, the HIPAA Security Rule calls for procedures that ensure it is encrypted both in transit and in storage (at rest). In practice this means a secure email provider that also stores your mail encrypted, plus disk encryption on your server, workstations, laptops, and other portable devices, since a lost or stolen laptop holding unencrypted ePHI is a reportable breach.

Conduct an annual Security Risk Analysis –
One of the first things the HIPAA security regulations require you to do is perform a security risk analysis. In this analysis, you identify the threats and vulnerabilities to your organization’s electronic protected health information (ePHI), and for each threat estimate how likely it is to occur and what the impact on your ePHI would be if it did.

At Aspida, we recommend you perform this annually and work closely with your vendors to ensure their compliance as well. Lastly, make sure your staff and all new employees participate in a yearly HIPAA training to understand how they can protect and safeguard patient data.

Know your vendors –
A Business Associate (BA) is more responsible and accountable than ever before for protecting your data. Since the 2013 Omnibus Rule, BAs are directly liable under HIPAA and must follow the same rules and guidelines you face as a Covered Entity.
We recommend making a list of every vendor you work with. If you give a vendor access to your patient data (as needed to do their job), it is essential to have a contract, a Business Associate Agreement (BAA), in place that makes the BA responsible for obtaining, maintaining, and protecting your patients’ ePHI. Confirm as well that your BAs execute a BAA with their own subcontractors. Lastly, make sure the agreement clearly states liability and/or assumption of financial responsibility in the event they cause a breach through mishandling of PHI.

Be Prepared –
Even with proper training, risk management, and documented policies and procedures, breaches can still happen. Make sure your office has a documented plan and policy for the steps to take to address (and report) incidents and breaches.
When a breach occurs, a business must respond quickly to protect the affected individuals and its own reputation. Data Breach or Cyber Liability insurance helps offset the significant costs of a cyber-attack or data breach by covering notification mailings to patients, credit monitoring, lawsuits, penalties and fines, and more.
Working within an industry that is federally regulated and has strict data security compliance standards comes with inherent risk. A plan to address and mitigate these risks is imperative and any time or money spent on these procedures should be considered well spent.

About the Author:
Laura Miller is Compliance Manager at Aspida, which has quickly established itself as an industry leader in providing compliance and security products and services for healthcare providers.
Their first product to market, Aspida Mail, offers medical practices affordable Encrypted Email without compromising security.
Miller has over 9 years of experience in the healthcare industry including 4 years with a primary focus on HIPAA Compliance procedures.

Thank you for reading!  And as a special Thank You, Aspida is offering readers of this site an exclusive discount on your first three months of Aspida Mail – get the first three months for $3 with Promo Code “DUNN”. 


Posted in Business of Dentistry, Dental Technology, Guest Contributors, How to ..., Products

The Dental Insiders Episode 26: Dr. Darin O’Bryan on Beauty, Talent, and Communication

The Dental Insiders, hosted by Matthew Petchel and Michael Dunn, is an interview series for dentists, dental team members and industry professionals. We share stories and lessons from clinicians and industry visionaries with the goal of providing an entertaining and informative look at the industry we share. Episode 26 is part 2 of our interview with dentist, technology expert, and noted CAD/CAM educator Dr. Darin O’Bryan.

In Episode 26 Dr. Darin O’Bryan shares more insights on working with a spouse and the critical nature of communication in dentistry. Check it out!

Audio

Video:

Posted in Business of Dentistry, Dental Technology, Digital Dentistry, Guest Contributors, Products, The Dental Insiders Podcast

The Top Views of Q2


Between TDS (this site), TDI, and my marketing services business, the first half of 2016 has been a productive, rip roarin’ good time. So with no further ado, here are the top TDS views of Q2…


5. 5 Questions with Hu-Friedy – I’m a big fan of Hu-Friedy, and apparently quite a few of you are too.

4. Content Marketing for Dental Labs: Look Around You! – This has been a very popular article. I was even quoted in LMT’s article on content marketing!

3. 5 Questions With Anutra Medical – I love when I get to feature companies who are close to home. If you missed it, check out this Q&A with a new company not too far down the road from me in the Raleigh, NC area.

2. About Michael Dunn – Again, I’m humbled that so many of you have taken a look at my “About” page. I’m so fortunate to have some great people and companies as clients. There are some exciting projects I’m working on with clients, so stay tuned!

And the top view of Q2 was…

1. The Dental Insiders – The interview series I co-host with Matthew Petchel of BrandTarget is quickly becoming a hit. If you haven’t consumed this goodness yet, check it out!

There you have it, the top views of Q2. I’m looking forward to what the next quarter brings for this site, The Dental Insiders, and my marketing services firm. As always, thank you for reading!

Posted in 5 Questions With..., Business of Dentistry, Marketing