Information Managers
  • Home
  • Services
    • All Services
  • Templates
  • Blog
  • Contact Us
  • Practice Management Success
  • Podcasts

Making Passwords Secure in Your Healthcare Practice

Posted on April 14, 2016 by Jean Eaton in Archive

In this FREE 30-minute Practice Management Nugget Webinar with Dovell Bonnett you will learn how to fix the weakest cybersecurity link  in your healthcare practice.

 

Dovell Bonnett, “The Password Guy”, corrects the errors, misconceptions and lies about passwords

3dTransparent

Dovell will explain why password management is the key component of managing the cybersecurity of your healthcare practice.

You need to understand how to properly implement reasonable cyber safeguards to:

  • protect your businesses from cyber-attacks
  • free individual computer users from cumbersome security policies, and
  • put IT administrators back in control of their networks

Have you seen this?

  • post-it notes on computer monitors with the password written on it
  • computer users sharing the same credentials
  • passwords that are easy to guess

 

“Expensive backend cybersecurity products are worthless when the virtual front door has a lousy lock!”

Dovell Bonnett

The management of passwords is the real security nightmare.

User authentication is the most ignored risk to enterprise cybersecurity. When end users are allowed to generate, know, remember, type and manage their own passwords, IT has inadvertently surrendered the job title Network Security Manager to employees – the weakest link in the cybersecurity chain.

Dovell Bonnett reveals the truth about the elephant in the room that no one wants to mention: Expensive backend security is worthless when the virtual front door has a lousy lock! Making Passwords Secure breaks down THE SIMPLE TRUTH about Multi-Factor Authentication (and how to make MFA fast, easy and affordable)!

Dovell proves that making passwords secure is not only possible, passwords can actually become an effective, cost efficient and user friendly feature of robust cybersecurity. After examining how encryption keys are secured, this book introduces a new strategy called Password Authentication Infrastructure (PAI) that rivals digital certificates.

Passwords are not going away.
What needs to be fixed is how passwords are managed.

Register here for the FREE Webinar with Dovell Bonnett.

Email Address




Dovell - smallDovell Bonnett has been creating computer security solutions for over 20 years. His passionate belief that technology should work for humans, and not the other way around, has lead him to create innovative solutions that protect businesses from cyber-attacks, free individual computer users from cumbersome security policies, and put IT administrators back in control of their networks.

He has spent most of his career designing solutions to solve business security needs, incorporating multiple applications onto single credentials using both contact and contactless smartcards. The most famous example of his work is the ID badge currently used by all Microsoft employees.

Dovell has contributed to numerous papers for the Smart Card Alliance organization; magazines, including Card Manufacturing Magazine; and is the author of two books, Online Identity Theft Protection for Dummies® and Making Passwords Secure: How to Fix the Weakest Link in Cybersecurity. Dovell is a frequent speaker and sought-after consultant on the topic of passwords, cybersecurity, and building secure, affordable and appropriate computer authentication infrastructures.

 

Thursday, April 21, 2016

 Join us for Practice Management Nugget Webinar

Making Passwords Secure with

Dovell Bonnett

Email Address



hosted by Jean Eaton of Information Managers Ltd.

Your Practice Management Mentor and Practical Privacy Coach

cyber security, Dovell Bonnett, Multi-Factor Authentication, password management, Practice Management Mentor, privacy, Report this, security

May 17 2016 Practice Management Q&A

Posted on April 13, 2016 by Jean Eaton in Archive

Replay for Members only

Recorded Live Tuesday, May 17, 2016 at 10:30 am MDT

Welcome to May's live Practice Management Q&A with Jean Eaton, Your Practice Management Mentor.

Below you will be able to view the presentation, hear the audio, and participate in the chat and ask questions.

May Q&A topics include:

Does a custodian who also owns the clinic need to complete a confidentiality oath?

What are the fines if an affiliate does not report a privacy breach to a custodian?

What if I'm working for a custodian and they don't report a privacy breach?

Send your questions about practice management, human resources issues, clinic management best practices, procedures, resources, practical privacy tips and more!

 

Have a question?

Send an email to Jean at jean[at]informationmanagers dot ca.

 

 

Resources – Confidentiality Oath Custodians Physicians Resources – Confidentiality Oath Affiliates Employees

 

Are you a member of the Information Managers Network?

You can access all the replays from your membership account.

 I'm a member of Information Managers' Network

Not a member, yet? Become one today!

I want to know more about being a member of Information Managers' Network

 

Resources

Practice Management Q&A series is hosted by Jean Eaton (Your Practice Management Mentor) of Information Managers Ltd.

clinic management, Practical Privacy Coach, practice management, Practice Management Mentor

March 08 2016 Practice Management Q&A – Members Only Replay

Posted on April 9, 2016 by Jean Eaton in Archive

Tuesday, March 08 at 10:30 am MDT

Welcome to March live Practice Management Q&A with Jean Eaton, Your Practice Management Mentor.

Below you will be able to view the presentation, hear the audio, and participate in the chat and ask questions.

March Q&A topics include:

  1. We live and work in a small community. How can we handle our employee's personal health records? Our
    employee's family members come to this clinic, too. What additional safeguards can we use to protect the
    confidentiality of these records?
  2. Patient access requests at every age.
  3. Patient expressed wishes and disclosure.

Have a question?

Send an email to Jean at Jean[at]InformationManagers dot ca.

Webinar recorded live on March 8, 2016.

Resources

9 Steps to Hiring Employees for Your Healthcare Practice

Disclosure Decision Tree

Practice Management Q&A series is hosted by Jean Eaton (Your Practice Management Mentor) of Information Managers Ltd.

March 08 2016 Practice Management Q&A

Posted on March 7, 2016 by Jean Eaton in Archive

Tuesday, March 08 at 10:30 am MDT

Welcome to March live Practice Management Q&A with Jean Eaton, Your Practice Management Mentor.

Below you will be able to view the presentation, hear the audio, and participate in the chat and ask questions.

March Q&A topics include:

  1. We live and work in a small community. How can we handle our employee's personal health records? Our
    employee's family members come to this clinic, too. What additional safeguards can we use to protect the
    confidentiality of these records?
  2. Patient access requests.

Have a question?

Send an email to Jean at jean[at]informationmanagers dot ca.

Webinar will start in

 

Are you a member of the Information Managers Network?

You can access all the replays from your membership account.

 I'm a member of Information Managers' Network

Not a member, yet? Become one today!

I want to know more about being a member of Information Managers' Network

 

Resources

Practice Management Q&A series is hosted by Jean Eaton (Your Practice Management Mentor) of Information Managers Ltd.

clinic management, Practical Privacy Coach, practice management, Practice Management Mentor

5 Things You Must Do Today to Protect Your Professional Reputation

Posted on February 17, 2016 by Jean Eaton in Archive

In this FREE Interview with Barbara C. Phillips, Founder of Nurse Practitioner Business Owner (NPBO™) explains the exact steps for 5 Things You Must Do Today to Protect Your Professional Reputation…and YOU are invited!

If you're a healthcare provider or practice manager who wants to manage your reputation and protect your career without fear of online technology and social media then “Practice Management Nuggets Workshop 5 Things You Must Do Today to Protect Your Professional Reputation” will help you to protect your professional reputation AND own your digital identity!

Register Me for the Webinar!

Recorded Live Thursday, February 18, 2016 – Replay available for a limited time

Join us for Practice Management Nugget Webinar

5 Things You Must Do Today to Protect Your Professional Reputation

 

Barbara C. Phillips NPBOBarbara C Phillips, NP, FAANP is the Founder of Nurse Practitioner Business Owner (NPBO™) providing business education, resources and support for entrepreneurial and employed Advanced Practice Clinicians. She believes all clinicians are a “business” and thus even the employed clinician will excel with basic business and marketing education.

 

 

Give Us 30 Minutes – And Barbara Phillips Will Give You The Secret to 5 Things You Must Do Today To Protect Your Professional Reputation!

Learn how to

  • Own your digital identity.
  • Claim your profile on rating sites.
  • Listen to and engage your patients on social media.

If you're a healthcare provider or practice manager who wants to monitor what is being said about you online without fear of online technology and social media then “Practice Management Nuggets Workshop 5 Things You Must Do Today to Protect Your Professional Reputation” will help you find
success with own your digital identity – FAST!

Register Me for the Webinar!

Recorded live Thursday, February 18, 2016 – Replay available for a limited time

Join us for Practice Management Nugget Webinar

5 Things You Must Do Today to Protect Your Professional Reputation

hosted by Jean L. Eaton, Your Practice Management Mentor of Information Managers Ltd.

Barbara C. Phillips, online identity, practice management nuggets, professional reputation

Protected: Module 3: Replay and Additional Resources

Posted on January 26, 2016 by Jean Eaton in Archive, PIA E-Course 3

This content is password protected. To view it please enter your password below:

Free one month trial membership

Posted on October 28, 2015 by Jean Eaton in Archive

Thank you for joining us for the 15 Day Privacy Challenge!

Please enjoy a FREE one-month trial membership with Information Managers to access more great content that you can use right away!

The trial membership gives you access to:

  • Replays on demand of Practice Management Nugget webinars. Weekly 30 minute interviews with local, national, and international experts to help healthcare practice managers and providers manage their practice! Tips, tools, and templates that you can use right away!
  • Access to premium downloadable content as well as exclusive extras on some of our blog posts.
  • Advance notices of new products.
  • Monthly Q&A Webinar with Jean – user directed access to the Practical Privacy Coach and Practice Management Mentor – send your questions, and Jean will respond during the webinar – replays available only to members of Information Managers Network.

Free 1-Month Trial Membership to Information Managers Network.

Privacy Challenge #11 Privacy Awareness Training

Posted on October 25, 2015 by Jean Eaton in Archive

Privacy Awareness Training

80% of all privacy breaches are internal to the organization. It is the healthcare provider and employer’s responsibility to ensure that everyone in the organization knows the best practices to handle personal information. Healthcare providers must provide privacy and security awareness training to each employee and contracted vendors in a healthcare practice. This includes healthcare providers and professional staff as well as volunteers.

Employers and healthcare providers must be able to document that training is provided to the employee and that the employee understood the key concepts of the content provided in the training.

EmployeeOrientationA formal employee orientation process will help a new employee to succeed by:

  • Reducing the anxiety of the new recruit
  • Introducing the organization's mission and work
  • Explaining the organization's culture, including the values, behaviours, formal and informal practices, etc. including expectations of privacy and security of personal information. Set clear expectations of employee’s job performance and day-to-day activities.
  • Introduce new employee to colleagues, including managers or supervisors
  • Creating mentors and job ‘buddies' to help ease the new employee into the organization's culture

Privacy awareness training is an essential part of your employee orientation program.

Training alone won’t guarantee that mistakes or errors in judgement won’t happen, but the healthcare provider and employer are legally responsible to take reasonable steps prevent privacy and security breaches.

Privacy awareness training happens throughout the year. Informal training that is timely – say, the news item of the latest privacy breach – are great opportunities to reinforce key messages. Use ‘what if that happened to us, what would we do?’ to discuss lessons learned and improve your current practices, if necessary. Review near-miss privacy and security incidents in your practice. These are great opportunities to discuss and fix potential problems before they become breaches.

The Privacy Officer may create and deliver the training and will monitor, supervise, and support the training.

Use a variety of written and multi-media content like posters, newsletters, videos, infographics, and lunch ‘n learn discussions to reinforce key messages. People love games, challenges, and cyber competitions, too, as a way to create variety and interest in privacy and security.

Resources:

I am delighted to share with you a new course, Privacy Awareness in Healthcare: Essentials, training provided by Corridor Interactive. I have the great pleasure to work with Corridor Interactive to develop the course content.  Privacy Awareness in Healthcare: Essentials provides a privacy awareness training program available on demand. Individuals can register for the course and have access to a 3-month subscription. Employers can also purchase training for groups of employees; employees can access the internet based training at a time and location convenient to them. Employers can monitor the employee’s training progress and receive a report of employee’s satisfactory completion of on-line quizzes.

The Health Information Act Guidelines and Practices Manual from AHW provides an administrative checklist of custodian's responsibilities, including training requirements. This is a good outline for your privacy management program and employee orientation even if you don't need to follow the HIA. See Appendix 3 & 4.

Also see the Employee Orientation Checklist from the HRC Council: Getting the Right People.

Make use of networking within your organization and with associations, or organizations of similar or complementary services. Some vendors facilitate user groups. The Alberta Association of Clinic Managers and the Medical Group Management Association of Canada offer networking for Clinic Managers. Privacy Officers can find resources and networking at Privacy and Access Council of Canada.

Today's Challenge:

To Do:checklistsm

  • Do you know who the Privacy Officer is in your business?
  • Do you have an employee orientation checklist? When was it last updated?
  • How can the orientation process be improved?
  • Ask new employees for their feedback on their orientation.

Share Privacy Challenge #11!

envelopeEmail a Friend.

 

Twitter_logo_blueTweet your Followers.

 

 

 

#15DayPrivacyChallenge, #CyberAware, employee orientation, Practical Privacy Coach, privacy awareness training

How are you doing?

Posted on October 25, 2015 by Jean Eaton in Archive

How are you doing?

How are you doing with the 15 Day Privacy Challenge?  What has been the most useful challenge?  Have you learned anything new?  We would be tickled pink to hear from you!

Send me an email  to let me know or post a comment on Facebook. facebook

How are you using the 15 Day Privacy Challenge?

•             Some businesses are using the 15 Day Privacy Challenge as a Scavenger Hunt where employees are in teams and compete to complete each challenge first.
•             Some professional associations are distributing the Privacy Challenge information as a recommended self-education opportunity which members can use for Continuing Professional Education credits.  (see below)
•             Some employers are requiring all employees to participate as part of their staff education requirements – employees are required to sign the poster that they receive at the end of the challenge and submit to the HR department to confirm that they participated in the challenges.  This works particularly well with a planned wrap-up staff meeting to review the challenges as a group and identify any areas of improvement that can be made in the business.

 
Yes!  You can earn CHIMA CPE credits for your participation.

At the end of the 15 Day Privacy Challenge, you will receive a poster.  Please retain this poster, and your responses to the challenges, as confirmation of participation in case you are audited by CHIMA.  For more information about CPE credits, see https://www.echima.ca/cchim/cpe

It isn't too late to register!

Share this with friends and colleagues – they will still receive all the content of the Privacy Challenge. Registration closes Oct 28.

As long as you register and login before Oct 28, you can browse through the 15 challenges and resources at your leisure. They will be available to you on-line for (almost) forever.

#15DayPrivacyChallenge

Three Reasons Hackers Love Your Small Business

Posted on October 25, 2015 by Jean Eaton in Archive

60% of small and medium business owners go out of business

within 6 months after a privacy and security breach.

You can prevent this by implementing good policies, procedures and best practices in your office.  Provide privacy and security awareness training to all of your staff.  Some staff with greater responsibilities will need additional training.

You may not be able to do everything, but doing nothing is not an option.

Share this infographic with tips that you can share with your team.

October is Cyber Security Awareness Month! Information Managers is celebrating by hosting our annual 15 Day Privacy Challenge. The 15 Day Privacy Challenge is a fun, no cost educational opportunity on privacy and security.

We are proud to be a Champion of National Cyber Security Awareness Month #CyberAware #15DayPrivacyChallenge.

#CyberAware, #NCSAM, cyber security, Practical Privacy Coach, small business, small business week
12345

Search the site

What is the elephant in the room?

The Elephant in the Room Find out here...

Privacy Policy

The Data Privacy Day E-Course was very helpful and it made you think more seriously. I actually made some changes to my computer along way.

- Danielle

Register for Free On-line Privacy Breach Awareness Training!

Privacy Policy

Copyright 2022 Information Managers Ltd.

Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}