HIPAA 2017 Compliancy Group, LLC

Transcription

1 1

2 Meet Your Expert Charles Weiselberg Compliancy Group, LLC Director of Customer Service ENDORSED PARTNER 2

3 Compliancy Group We simplify compliance so you can confidently focus on your practice. Compliance is our ONLY business HIPAA auditors & Compliance experts No client has ever failed an OCR or CMS audit! 100% of our clients would refer us to a friend Recognized Leader of Compliance Top Emerging technology CRN Security & Compliancy Visionary Channel Pro Top Compliance Tools HIPAA Journal Endorsed by: 40 medical associations and technology providers HiPAA Compliant Hosting EHR s IT Managed Service Providers Security 100 s of MSP s, Coalfire 3

4 Sources of Attacks 4

5 Security issues in the last year 73% 1or more security breach 60 % categorized as serious 76% lost devices, mobile malware, phishing attacks or staff disabling security features The #1 reason is a mistaken belief that current security is good enough. CompTIA s International Trends in Cybersecurity report 5

6 What Is The Cost Of IT Security Breaches? The firm identified 14 cyber attack impact factors, including seven it claims are hiding beneath the surface and account for 95 percent of the financial impact. 6

7 The Real Cost HIPAA Monetary Penalties 2017: Million 2016: $24 Million Breach Notification: $250 per record affected Source: 7

8 Ransomware in Healthcare 88% of all ransomware is detected in the healthcare industry ~ 4,000 ransomware attacks average per day in Q Source: 8

9 What is Ransomware? Malware that attempts to extort money from a computer user by infecting and taking control of the victim s machine, files, or documents 9

10 How do you get Malware? Source: 10

11 Source: 11

12 Source: 12

13 The Human Element is the Major Concern Factors in Security Breaches 52% 48% CompTIA s International Trends in Cybersecurity report 2017 Human error Technology error 13

14 What is my password? Jimmy Kimmel Live 14

15 Source: 15

16 What can I do? Your House & Cyber Security Prevention - Lock on the Door Risk assessments Firewalls Training Detection - Turn on an Alarm Monitoring Spam Filters Virus Protection Policies & Procedures Recovery - Keep a Bat at the door Encryption Storage & Back up Recovery plans 16

17 94% HIPAA Compliance Source: 17

18 HIPAA Compliance & Cyber Security Assessment of risks: Remediate vulnerabilities Training: Your Staff knowing what to look for and how to identify attacks Policies and Procedures: Stops Ransomware infections before it takes hold Encryption: Protect the sensitive information Backup: Practice Disaster planning: Restoration of access to data, and getting back to business 18

19 Partial Security Compliance Total Security Compliance $ Audits SRA (Security Risk Assessment) $ Security Remediation Efforts $ Incident Management & Remediation Audits SRA (Security Risk Assessment), Administrative, Privacy Remediation Plans $ $ Policies, Procedures & Training Business Associate Management The Guard TM Document Version, Employee Attestation & Tracking Policies, Procedures & Training 19

20 What Can You Do Right Now? 1. Get HIPAA Compliant 2. Passwords Use a sentence or phrase 3. Show your members what to look for / Prevention Plan 4. Restrict unnecessary access/user privileges 5. Keep Anti-Malware / Anti-Virus up-to-date 6. Filter spam and (.exe,.zip) attachments, and show hidden file extensions (a.pdf may really be an.exe) 7. Ensure a foolproof backup plan, for fast recovery 20

21 Final Takeaways Cyber Security attacks have become common. While the ransom won t break the bank, cost of downtime, data loss, possible fines, and notifications incurs significant costs The leading cause is ransomware: malicious s with lack of employee training Today s security solutions (anti-virus/ filters) are NOT effective against ransomware HIPAA Compliance is the most effective means of protection Risk Assessments, Training, policies and procedures, IT Standards (including: backup and disaster recovery) 21

22 Compliancy Group FREE Tools HIPAA Education and training Industry leading Education Series Upcoming & past webinars: Free Resources (whitepapers, articles, infographics) 22

23 Questions? FREE HIPAA Compliance Checklist 23