Information Managers
  • Home
  • Services
    • All Services
  • Templates
  • Blog
  • Contact Us
  • Practice Management Success
  • Podcasts

How To Include Cybersecurity In Your Privacy Impact Assessment

Posted on November 2, 2022 by Izza Nuguit in Blog

How To Include Cybersecurity In Your Privacy Impact Assessment

Keeping information safe and secure is a challenging development for businesses of all sizes over the last few years. Remote working and using cloud hosted services forced healthcare practices to change, or at least re-examine, their cybersecurity practices and protocols.

According to CyberEdge’s Cyberthreat Defense Report, 85% of organizations suffered from a successful cyberattack in 2021.

A privacy impact assessment (PIA) is an important tool to help understand the risks to patient health information and your healthcare business.

The recent Technology Fact Sheet, “How To Protect Against Ransomware“ from the Ontario Information and Privacy Commissioner, provides explanations and recommendations for all businesses.

Conduct privacy and security risk assessments whenever major new technology changes are introduced, and ensure that all critical elements of your IT environment are regularly reassessed.

Ontario Information Privacy Commission

Does Your PIA Include Cybersecurity Risks and Mitigation Plan?

You should review your PIA regularly, at least annually, and update your risk mitigation plans when there is a change in your administrative, technical, or physical practices. You also need to consider that the threat environment external to your business, like the increasing risk of cybersecurity vulnerabilities, can damage your business.

In this Episode #107 of the Practice Management Nuggets Podcast, Jean L. Eaton, Practical Privacy Coach with Information Managers shows us how to include cybersecurity risks in your PIA.

My Takeaways

A Privacy Impact Assessment is a type of a risk assessment. We know that cybersecurity vulnerabilities is a real risk for all businesses, including medical, dental, and other healthcare practices.

Take the time now to consider the new cybersecurity risks. Discuss this with your IT and managed services provider. Find strategies that work best in your practice. Remember—ignoring the risk doesn’t make it go away!

Next time you update or amend your PIA, include what you have done lately to prevent a cybersecurity incident in your practice.

Listen To The Podcast

Cybersecurity in Your Privacy Impact Assessment | Episode #107​

Expert tips with Jean L. Eaton on Practice Management Nuggets Podcast For Your Healthcare Practice.

Listen here: Practice Management Nuggets Podcast

Listen To The Podcast Here

#PracticeManagementNugget, #PrivacyImpactAssessment, cybersecurity, podcast

What’s New in Cybersecurity in Healthcare

Posted on May 7, 2021 by Meghan in Blog

What's New In Cybersecurity In Healthcare

What has been happening lately in cybersecurity in healthcare?

Anne Genge, CEO of Alexio Corporation is my guest on this episode of Practice Management Nuggets For Your Healthcare Practice!

Anne and Jean discuss recent privacy breach scenarios and cybersecurity trends and steps that you can take now to prevent these events to happen to you!

Virtual care, telehealth, and working from home presents opportunities – and cybersecurity risks. Digital health and digital transformation has grown rapidly in the last year. Take time now to review your practice and defend yourself from dramatic increases in cybersecurity attacks.

Anne shares expert tips on how to prevent cybersecurity attacks in your practice.

Anne Genge's #1 Tip to Healthcare Practices

Invest in a professional cyber security risk assessment for your practice. Click to Tweet

 

My Favorite Takeaways From The Podcast

Anne shared Top 3 Tips For an Incident Free 2021 for healthcare providers and dentists and protect your practice and your patients including these nuggets.

  • Secure the network
  • Secure the people
  • Disaster recovery plan

Featured Guest: Anne Genge

Anne Genge is a pioneer in protecting health data and those who use it. She is a Certified Information Privacy Professional with a specialization in dentistry. Anne also holds certifications for HIPAA, Credit Card Security, Internet, and Network Security.

Ransomware and data theft have changed the face of dentistry in the past decade meaning dentists need a new toolkit for protecting their practices.

With over 20 years of experience, Anne knows the challenges healthcare providers face with technology. She and her team at Alexio Corporation work with dental and medical professionals to minimize data risk and maximize patient care.

As healthcare grows increasingly dependent on the digital environment, cyber-security becomes increasingly more difficult. Protection of patient data is not only law, it’s imperative for business success and reputation. Anne simplifies cyber-security for dentists and other healthcare providers and gives ‘real world’ strategies to protect patient information and the practice business.

To find more, see https://getalexio.com

Email: anne@getalexio.com

Twitter @alexiocorp LinkedIn @alexiocorporation
Instagram @alexiocorporation Facebook @alexiocorporation
   
Listen To The Podcast Here

You may also be interested in:

Table-Top Privacy Breach Fire Drill

Ransomware – 6 Mistakes Made By Dentists (And Their IT!)

#PracticeManagementNugget, Alexio, Anne Genge, cybersecurity, dental, healthcare, podcast, ransomware, security risk assessment

Privacy Compliance and Technology in Healthcare

Posted on March 7, 2021 by Meghan in Blog

Privacy Compliance and Technology in Healthcare

Event by Rafiki Technologies with Information Managers

 

A Privacy Impact Assessment (PIA) is a practical business tool in your healthcare practice.

A PIA is an important tool that you can use to help you with project management.

It will help you anticipate risks to the project before it starts and avoid serious problems, wasted time and money.

The PIA process requires you to have written policies and procedures so that you can implement the project effectively and train your staff consistently.

Sometimes a PIA is a requirement of legislation. But it is always a best practice whenever you implement a project that includes personal health information.

Join Rafiki Technologies’ Naheed Shivji and Information Managers’ Jean L. Eaton for a guide to successfully keep your patients’ information safe, follow cyber security best practices, and comply with the requirements of the Health Information Act (HIA).

This on-line workshop will provide you with practical tips to plan your Privacy Impact Assessment (PIA) amendment as well as a strategic cybersecurity checklist.

Who Should Attend?

  • Medical, dental, chiropractic, optometric, pharmacy practices in Alberta.
  • Clinic manager, privacy officer or administrative lead responsible for updating your Privacy Impact Assessment.
  • Healthcare provider

Join Naheed Shivji and Jean L. Eaton for a guide to your PIA completion and technology requirements

Thursday, March 18th, 2021

6:00 PM – 7:00 PM MT

Free Registration

 

Click the button below to register for the workshop!

Register for the Complimentary Workshop HERE!
speakers lady man

Meet Naheed Shivji, Founder & President of Rafiki Technologies Inc.

Naheed has more than 20 years of experience in IT with expertise in the dental industry. He is a passionate entrepreneur helping companies understand and embrace technology and is always searching for business best-practices while giving back to the community.

Naheed works hands-on with his clients to develop winning IT strategies and smooth implementations. He is constantly learning and adapting to industry trends to maintain Rafiki Technologies’ position as a leading managed IT services company in Canada.

Meet Jean L. Eaton, BA Admin (Healthcare), CHIM, CC

Your Practical Privacy Coach and Practice Management Mentor with Information Managers Ltd.

Jean has helped hundreds of physicians, chiropractors, pharmacists, and other healthcare providers complete their Privacy Impact Assessment. She has visited hundreds of practices across Canada.

Jean helps independent healthcare practices with practice administration, privacy awareness, privacy breach management, and legislated regulation compliance in Canada.

Jean's career started as a receptionist and transcriptionist in a busy family medical walk-in practice. She moved into health records and health information management and hospital administration in hospitals, regional health authorities, cancer agencies across Canada and Alberta Health.

Now, Jean specializes her consulting practice to independent healthcare practices who want to start, grow, or improve their practice administration so that healthcare providers can focus on providing quality healthcare services. Jean provides training to businesses including healthcare on practical privacy and security best practices and privacy breach management.

If you are starting your new practice and need your first Privacy Impact Assessment, see our available consultation options here.

You May Also Be Interested In:

 

“What is a Privacy Impact Assessment?”

Read the article and watch the short video now to take a look at what is a PIA, what will a PIA do for you, when you need a PIA, and what is the PIA process.

You can also listen to the Practice Management Nuggets podcast episode here.  

 

“How Long Does it Take to do a New Privacy Impact Assessment?”

Ideally, you should start the Privacy Impact Assessment process 3- 6 months prior to your go-live date. Find out more by reading the article.

cybersecurity, dentist, healthcare, privacy, privacy compliance, privacy consultant, Privacy Impact Assessment, security, technology

CHIMA’s Emerging Privacy Management Practices in Health Care series

Posted on July 30, 2020 by Meghan in Blog

Emerging Privacy Management Practices in Health Care 

I'm tickled pink to be the facilitator for CHIMA's new continuing education series.

The Canadian Health Information Management Association (CHIMA) recently launched a live, 5-part privacy series, Emerging Privacy Management Practices in Health Care, beginning on August 6, 2020.

Telehealth and virtual care implementation has advanced 10 years in the last 3 months in response to the coronavirus (COVID-19) pandemic. This series covers the critical aspects of implementing modern privacy management practices in your health care organization. This series is suitable for individuals with privacy-related roles (e.g., managers, vendors, or employees) across the continuum of health care (e.g., acute, primary, long-term or community care).

Each module will cover a privacy-related topic area including privacy awareness, release of information (ROI), access and disclosure, security/cybersecurity, and breach management. Environment overviews are shared throughout the series along with new opportunities for health information professionals in both traditional and emerging roles. By keeping current with these trends, health information professionals will be better prepared to assume new roles within privacy management.

Attend the live webinars to participate in a Q&A period with series facilitator and industry expert Jean L. Eaton.

Learn more at echima.ca/privacy-series

Speakers:

Jean L. Eaton, Your Practical Privacy Coach and Practice Management Mentor with Information Managers Ltd.

Jean L. Eaton is a Certified Health Information Management (CHIM) professional, and privacy awareness training facilitator.

She has had the honour of sharing her passion for practical privacy and confidentiality advice with hundreds of medical clinics, health care practices, and organizations across Canada and the United States.

Jean has over 20 years of experience in health information management and health care administration and over 15 years in her independent privacy consulting practice. She makes practical recommendations for thousands of independent health care providers to help them comply with privacy legislation and create efficient practices.

Jean is also a keynote speaker on the topic of privacy breach management and serves as an on-demand ‘virtual privacy officer’.

The live webinars will occur on the first Thursday of each month from August to December.

 

Module Date Time
1. Privacy awareness August 6, 2020 12:00 – 1:30 pm EST
2. Release of information September 3, 2020 12:00 – 1:30 pm EST
3. Access and disclosure in patient portals, information sharing, and health information exchange environment October 1, 2020 12:00 – 1:30 pm EST
4. Security/cybersecurity November 5, 2020 12:00 – 1:30 pm EST
5. Privacy breach management December 3, 2020 12:00 – 1:30 pm EST
Purchase Your Series Pass Here!
access, cybersecurity, health care, Health Information Management, healthcare, medical, privacy, privacy awareness, privacy management, security, telehealth, virtual care

Your Guide to Privacy & Security Measures for the Health Care Industry

Posted on June 11, 2020 by Meghan in Blog

I’m tickled pink to be a guest of Rafiki Technologies' EVOLUTION SERIES

Your Guide to Privacy & Security Measures for the Health Care Industry

Join Rafiki Technologies and Jean Eaton to learn effective ways to keep your patient information safe and secure.

Confidentiality and security of personal health information (PHI) are crucial in the health care industry. It's your job to keep your records safe and your patient's information private, confidential, and secure.

Electronic medical records (EMR) have many advantages but security concerns are attached. Internet hackers are able to access private information in a matter of minutes if the medical practice doesn't have strong security measures in place and well-trained staff.

Learn how to protect your patient data with Rafiki Technologies' President Naheed Shivji. He and his team have worked in the medical industry for many years and they understand how to integrate proper IT and security measures seamlessly into existing infrastructure.

Joining Naheed Shivji is a Certified Health Information Management Professional, Jean L. Eaton. Jean is exceptionally versed in privacy awareness training and tools and works alongside many healthcare providers to ensure they're using the right protocols to keep patient information protected while complying with privacy legislation. 

Speakers:

Jean L. Eaton, Your Practical Privacy Coach and Practice Management Mentor with Information Managers Ltd.

I assist healthcare providers, clinic managers, practice managers, privacy officers, and independent healthcare practice owners with practical privacy awareness training and tools that are easy to implement, cost-effective, and meaningful to your day-to-day business.

As a Certified Health Information Management professional (CHIM), and privacy awareness training facilitator, I have had the honour to share my obsession about practical privacy and confidentiality advice with hundreds of medical clinics and healthcare practices and organizations across Canada and the US.

With over twenty years of experience in health information management and healthcare administration and over 15 years in my independent consulting practice, I have made practical recommendations for 1000’s of independent health care providers to help them comply with privacy legislation and create efficient practices.

 

Naheed Shivji, Founder & President of Rafiki Technologies Inc

Naheed has more than 20 years of experience in IT with expertise in the dental industry. He is a passionate entrepreneur helping companies understand and embrace technology and is always searching for business best-practices while giving back to the community.

Naheed works hands-on with his clients to develop winning IT strategies and smooth implementations. He is constantly learning and adapting to industry trends to maintain Rafiki Technologies’ position as a leading managed IT services company in Canada.

 

Your Guide to Privacy & Security Measures for the Health Care Industry

Tuesday, June 16th, 2020

6:00pm MDT

Watch the YouTube Video Here!
cybersecurity, datasecurity, healthcare, informationsecurity, medical, privacy, security

Cyber Security Awareness Training for You!

Posted on October 1, 2019 by Jean Eaton in Blog

Did you know?

1/3 of all healthcare employees who should receive cyber security training, don’t get cyber security training.

You can do better!

Start here.

October is Cyber Security Awareness Month! #BeCyberSmart

A great no-cost opportunity to provide cyber security awareness training to your team!

     

Register Below!

 

Cyber Security Awareness Training By Email

 

To celebrate Cyber Security Awareness Month, Information Managers is hosting free training tips by email throughout October.

In this training, Jean L. Eaton, Your Practical Privacy Coach will share cyber security tips and resources with you!

You can forward the email  to easily share the tips and resources with your team.

Or, they can sign up to the email training, they will receive emails directly to their in-box.

Discuss the tips and posters to see how they best apply to your work or home cyber security practices.

 

Your Cyber Security Awareness Tips will be delivered to the email address that you enter above.

You'll also benefit from occasional emails about privacy and practice management.

We don't share or sell your information. Ever.

Follow Us On Social Media!

Throughout October, we will cyber security tips and free links to additional resources on our social media accounts  that you can download right away! Follow us!

Twitter

 

Whether you’re at work, at home, or on the go, threats to cybersecurity and sensitive data can follow you. Our uber-connected world makes it more important than ever to know the threats and their potential consequences.

Information Managers Ltd has been a Cyber Security Champion for many years – and now you can, too!

Cyber Security Awareness Month was launched by the National Cyber Security Alliance (NCSA) & the U.S. Department of Homeland Security in October 2004. This US organization sponsors a multi-media resource campaign each October.

https://staysafeonline.org/ncsam/champions/

Please use the social share buttons below to share these Cyber Security Awareness  activities with your friends and colleagues.

#BeCyberSmart, cyber security, cybersecurity, National Cyber Security Awareness Month, training

How Do I Know If My Computer Is Secure?

Posted on June 26, 2017 by Jean Eaton in PMN Replay

How Do I Know If My Computer Is Secure?

(Tips for the non-techie)

with Craig Petronella

Recorded Live Thursday June 29, 2017 12 Noon MDT

 

Click Here to Download Your Learning Resources Guide]

Join the Chat!

Ask your questions here – and receive a reply by email:

Craig Petronella of Petronella Technology Group knows that you prevent fines and security incidents when you take steps now to prevent problems in the future. In this Free 30-minute Privacy Management Nugget Webinar, Craig Petronella will show you how you can reduce your risks :

  • Use secure email to share health information
  • Check-list to determine if your computer is secure
  • Security awareness training

 

Petronella Technology Group Log

 

 

 

 

Craig Petronella has advised clients on how to best protect their computer information for over thirty years.

He is North Carolina’s Top IT Cybersecurity Expert and Amazon #1 Best Selling Author of How HIPAA Can Crush Your Medical Practice. Craig is the owner and CEO of Petronella Technology Group.

 

 

Practice Management Nuggets’© series is hosted by Jean Eaton (Your Practice Management Mentor) of Information Managers Ltd.

 

#PracticeManagementNuggets, computer, Computer is secure, Craig Petronella, cybersecurity, health care, healthcare, medical, practice management

How Do I Know If My Computer Is Secure? (Tips for the non-techie)

Posted on June 26, 2017 by Jean Eaton in PMN Replay

Tips for the non-techie.

  • Did you know that a healthcare practice can be fined for not meeting HIPAA and other privacy legislation requirements?
  • Class action lawsuits compounds this risk and can cost you millions of dollars.
  • Data breaches are occurring every day.
  • A majority of data breaches happen to small to midsize companies.

There are many things that you can do right now to prevent crippling fines.

It is not enough to just have anti-virus and anti-malware off-the shelf solution.

Your first step is to know if your computer is secure now.

Craig Petronella of Petronella Technology Group knows that you prevent fines and security incidents when you take steps now to prevent problems in the future. In this Free 30-minute Privacy Management Nugget Webinar, Craig Petronella will show you how you can reduce your risks :

  • Use secure portal to share health information instead of email
  • Check-list to determine if your computer is secure
  • Security awareness training

 

Petronella Technology Group Log

 

 

 

 

Craig Petronella has advised clients on how to best protect their computer information for over thirty years.

He is North Carolina’s Top IT Cybersecurity Expert and Amazon #1 Best Selling Author of How HIPAA Can Crush Your Medical Practice. Craig is the owner and CEO of Petronella Technology Group.

 

Protect your healthcare practice and your patients' health information.

You need to take all reasonable safeguards to prevent a security incident. Join us for the FREE webinar.

How Do I Know If My Computer Is Secure?

(Tips for the non-techie)

with Craig Petronella

Live Thursday June 29, 2017

Along with your registration for the event you'll also benefit from weekly email reminders of the next guest expert on Practice Management Nuggets Webinars for Your Healthcare Practice.

Practice Management Nuggets Webinars

The perfect lunch break for busy practice managers – only 30 minutes and it’s free!

Practice Management Nuggets Webinars is a regular interview series with practice managers, healthcare providers, or trusted vendors who support healthcare practices. Topics include things you need to know to help you start, grow, fix, or maintain your healthcare practice. The events will be short – about 30 minutes – with nuggets of information that you can use right away.

And best of all – this is a free, no cost opportunity for you and your staff to hear from experts on a variety of topics how they made their clinics and businesses a success! Register now to receive a weekly update of the Practice Management Nugget Webinar guest speaker. Even if you can’t attend register anyway and we will send you the replay. Replays will be available for only a limited time.

Practice Management Nuggets’© series is hosted by Jean Eaton (Your Practice Management Mentor) of Information Managers Ltd.

 

#PracticeManagementNuggets, computer, Computer is secure, Craig Petronella, cybersecurity, health care, healthcare, medical, practice management

Tips to Protect Your Business From Cybercrime

Posted on August 12, 2016 by Jean Eaton in Blog

“Develop and practice a privacy and security breach management plan. Ask to see your vendors' and contractors' privacy and security breach management plan, too.

Prepare for a cybercrime by identifying your risks and mitigate or prevent those risks from happening.”

~ Jean L. Eaton of Information Managers Ltd.
Contributor “Tips to Protect Your Business From Cybercrime”

Independent healthcare practices and small business owners need to know the important tips to prevent cybercrime attacks.

“Tips to Protect Your Business From Cybercrime” will help you to discover over 75+ practical tips from experts and small business owners to help you protect your small business.

Time spent NOW on basic security will prevent privacy breach pain!

[clickToTweet tweet=”Cybersecurity is for all businesses even if you do not us social medial or a website! #PrivacyAware” quote=”Cybersecurity is for all businesses – even if you are not using social medial or have a website!”]

Many small business think that they are too small to be attacked – not true! Not reviewing your security practices and keeping up to date can leave your small business vulnerable to attacks.

Many independent healthcare providers and clinic owners ask,

  • I'm a small business. I'm not at risk of cybersecurity, am I?
  • I can't afford to hire a security expert – what can I do to improve cybersecurity for my business?
  • What should I include about cybersecurity in my training for my employees?

This e-book includes:

  • Website Security Tips
  • Finance Security Tips
  • Back Office Security Tips
  • Account Management Security Tips

You need to read this immediately to take your cybersecurity to the next level. Get this Free E-book from “Tips to Protect Your Business From Cybercrime“, a Cybercrime Security E-book created by Microsoft and Small Business Trends!

 

cybercrime, cybersecurity, healthcare, Microsoft, privacy breach, Small Business Trends

Search the site

What is the elephant in the room?

The Elephant in the Room Find out here...

Privacy Policy

I have used Corridor's Privacy Awareness in Healthcare: Essentials online training program. The course has helped satisfy the training requirements of the Health Information Act. Staff go through the course at their own pace while we monitor to ensure completion.

- Luke Brimmage, Executive Director, Aspen Primary Care Network

Register for Free On-line Privacy Breach Awareness Training!

Privacy Policy

Copyright 2022 Information Managers Ltd.

Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}