Information Managers
  • Home
  • Services
    • All Services
  • Templates
  • Blog
  • Contact Us
  • Practice Management Success
  • Podcasts

Privacy and Security In Telehealth Summit

Posted on October 5, 2020 by Jean Eaton in Blog

Growth in telehealth has exploded in 2020 – and so have the privacy and security risks!

  • 46% of consumers are now using telehealth to replace cancelled healthcare visits1.
  • Providers have rapidly scaled offerings and are seeing 50 to 175 times the number of patients via telehealth than they did before2.
  • 90% of patients prefer telemedicine over in-office visits3.

At the same time, we have seen:

  • 80% of security breaches caused by stolen or brute forced credentials.
  • Individual’s COVID-19 testing status and contact tracking inadvertently released to the public.
  • Unsecure video conferencing exposing personal information to others.

When you properly balance the opportunities of telehealth with safeguards to protect the privacy and security of our patients’ health information, you can:

  • Improve patient access to healthcare and patient satisfaction;
  • Develop viable new business models;
  • Maintain and improve patient relationships;
  • Implement flexible staffing employment models to respond to the demands of the pandemic.

Announcing Virtual Health Privacy Summit

In this Virtual Health Privacy Summit, we’re going with TED-style talks – short, engaging presentations from industry experts on compelling topics that are important to your clinic, practice, or business.

This event is ideal for chiropractors, physiotherapists, doctors, dentists, dental hygienists, dental assistants, dental technicians, receptionists, treatment coordinators, practice managers, privacy officers, or owners of a healthcare practice.

Register Now for the Virtual Health Privacy Summit!

Privacy and Security In Telehealth Summit

Wednesday October 21, 2020

 

 

Keynote – Dr. Kale Matovich
Natural Way Chiropractic

The Phoenix Plan: How Our Chiropractic Practice Uses Telehealth to Support Our COVID Recovery

The COVID-19 pandemic significantly affected the way chiropractors provide care to their patients. Dr. Kale Matovich will share his experiences of implementing telehealth solutions as an unconventional, yet essential, component of both patient care and business recovery at Natural Way Chiropractic.

 

Dr. Angela Mulrooney
Unleashing Influence

Pivoting To Online Possibilities

COVID-19 has shoved us into the future of technology-adoption in healthcare. If you don’t level up and get with the advancements, you will be left behind. Angela will discuss the best innovations and how you can make the most of them in your healthcare practice to ensure online income during shutdowns and into the future of your practice.

 

Anne Genge
Alexio Corporation

Easy and Affordable Ways to Dramatically Increase Your Security Online

“Anne takes difficult concepts and makes then interesting and understandable for everyone” (Maggie S. – attendee: Privacy & Security for Office Managers Course 2019)

Who is this for? This talk is designed for all people working with computers and will give you excellent strategies for your office and home use.

Most people have antivirus on their computers but breaches, data theft, and ransomware keep happening. Learn why, and learn how a few tweaks to how you’re working can make an exponential difference to the security of your patient and personal data.

 

Jean L. Eaton
Information Managers Ltd.

Practical Telehealth Privacy Tips For Your Practice

Your Practical Privacy Coach, Jean L. Eaton, will share practical privacy tips you need to know to implement your telehealth program including:

  • Patient on-boarding;
  • Informed consent to telehealth notice; and
  • How to easily document telehealth encounters in your practice.

 

Lauren Sergy
Up Front Communication

The Keys to Buy-In: How to Get Staff and Patients On Board With New Practices and Processes

Changing how we work can be difficult. No matter what it is you’re changing – shifting your privacy practices, engaging in telehealth, or implementing some other new process – getting buy-in from staff, partners, and patients is crucial to the success of your initiative. In this fascinating session, communication and speaking expert Lauren Sergy will take you on a high-level look at how persuasion works, revealing key strategies to getting the buy-in and commitment you need from your staff.

Register Now for the Virtual Health Privacy Summit!

This is the second summit from Canada's Health Privacy Summit. 

People are talking about the Canadian Health Privacy Summit! 

“Absolutely great and informative summit :)”

“This was the best presentation on this topic that I have heard in the 50 years that I have practiced.”

“Great opportunity for those of us who are in the dental industry to learn about issues related to digital information security”

“A lot of information packed into an afternoon with an opportunity to learn more and connect with the presenters made this a valuable learning experience. Looking forward to the next summit. Thank you!”

References:

(1, 2) McKinney COVID-19 Consumer Survey, April 17, 2020. https://www.mckinsey.com/industries/healthcare-systems-and-services/our-insights/telehealth-a-quarter-trillion-dollar-post-covid-19-reality# 

(3) Dr. Mike Greiwe, Practice Management Nuggets, 2020 September 22, https://practicemanagementnuggets.live/why-medical-practices-will-have-to-offer-telemedicine/ 

We are Cybersecurity Awareness Month Champions!

The Health Privacy Summit is a Champion of online safety and data privacy. This #CybersecurityAwareness Month we're hosting the Privacy and Security In Telehealth Summit October 21! #BeCyberSmart @StaySafeOnline @Cyber #vhps2020

#CybersecurityAwarenessMonth, privacy, security, telehealth

October Is Cyber Security Awareness Month!

Posted on October 1, 2020 by Jean Eaton in Blog

If You Connect It, Protect It

In healthcare practices, we have a responsibility to ensure reasonable safeguards to protect personal health information. In the early days of a clinic opening, your privacy impact assessment includes a privacy risk analysis that identifies potential risks to the privacy, confidentiality, and security of health information – and all the ways that you will mitigate and prevent those bad things from happening.

Threat Risk Assessment

As a practice matures, you are expected to regularly re-evaluate the risks to health information and conduct a new threat risk analysis (TRA). Conducting a TRA is a reasonable safeguard as described under the Alberta Health Information Act (HIA) and part of your obligations with information sharing partners, like Alberta Netcare Portal.

This is part of your Privacy impact assessment (PIA) amendment or update.

This is where you demonstrate that the custodians and the leadership of the clinic understands the importance of privacy and security. The TRA should review and update the original risk analysis – and describe what you have done lately.

The TRA should include administrative, technical, and physical safeguards.

IT Asset Inventory

You need to know where your personal health information – and other business, confidential, and sensitive information resides – before you can protect it.

A review of all the devices in your clinic that contain personal health information is one example of a technical safeguard. Your information technology (IT) computer network vendor or managed service provider should be conducting a regular enterprise-wide IT asset inventory. Generally, an enterprise-wide IT asset inventory is a comprehensive listing of an organization’s IT assets with corresponding descriptive information, such as data regarding identification of the asset (e.g., vendor, asset type, asset name/number), version of the asset (e.g., application or OS version), and asset assignment (e.g., person accountable for the asset, location of the asset). Listen to the Help Me With HIPAA podcast episode 273 for a great discussion on why this is so important.

The clinic’s system administrator or privacy officer should review the IT asset inventory with the MSP to ensure that all listed devices – both the devices managed by the MSP and any other connected devices – are included in the inventory.

In your PIA amendment, remember to include when you most recently completed your IT asset inventory, who was involved in the development, when it was reviewed by your custodians and leadership, and the actions that you took based on the results of your assessment.

See the Summer 2020 OCR Cybersecurity Newsletter Making a List and Checking it Twice: HIPAA and IT Asset Inventories and the additional resources to assist you with your IT Asset Inventory.

Security Vendor Questionnaire

Choosing a vendor to meet your cybersecurity needs is not an easy task. To help you, the National Cyber Security Alliance has created a checklist with some questions you should consider asking current or potential vendors. it is not exhaustive, but gives you a good start. If you don't understand some or any of these questions, consider having a business partner or colleague help you interview vendors. And always remember to engage in a Service Level Agreement and Contract with the vendor so all expectations are clearly articulated.

If you are a healthcare provider, you may need an Information Management Agreement, too.

Bonus Tip – Keep your questions and responses from the vendor as part of your privacy and security risk assessment to demonstrate your diligence and commitment to reasonable safeguards to protect your business and your patients' health information.

Security Vendor Questionnaire

 

If You Connect It, Protect It Resources

Use these resources from DHS NCSAM that you can download and share right away!

INTERNET OF THINGS

CYBERSECURITY WHILE TRAVELING


Here's a great no-cost opportunity to provide cyber security awareness training to your team!

October is Cybersecurity Awareness Month, a global effort to help everyone stay protected whenever and however you connect. The overarching theme for the month is, ‘Do Your Part. #BeCyberSmart.’ and Information Managers is proud to be a champion and support this online safety and education initiative this October.

 

Events This Month

 

  • Worried About A Privacy Breach? – Live Oct 8
  • Practical Privacy Officer – Live Oct 29
  • Privacy and Security in Telehealth Summit – Live October 21

 

CyberSecurity Champions

Information Managers Ltd has been a CyberSecurity Champion for many years – and now you can, too!

We want to help you, your family, friends and our community stay protected all year long, too. We encourage you to sign up as an individual Cybersecurity Awareness Month Champion. After signing up, you’ll receive a toolkit of free resources, including simple online safety habits and steps you can take to #BeCyberSmart.

National Cybersecurity Awareness Month is co-led by the National Cyber Security Alliance (NCSA) and the Cybersecurity and Infrastructure Agency (CISA) of the U.S. Department of Homeland Security. For more information about ways to keep you and your family safe online visit https://staysafeonline.org/cybersecurity-awareness-month/ and/or cisa.gov/ncsam.

 

 

Be CyberSecurity Aware

Cybersecurity Awareness

 

  • Demonstrate to your team the importance of cyber security at work.
  • Share with your patients – by posters in your practice, blog posts, or your email newsletters – and demonstrate that your practice is cyber aware and you want to share tips with them.
  • If you have team members who work remotely, work from home, use their own mobile devices, or use the internet to connect with apps and resources – give them additional skills to do their work as safely as possible.
  • Help your team members better manage their own personal information in their personal lives – good habits that will help them at work, too!

 

Become a Champion here https://staysafeonline.org/ncsam/champions/

 

Follow Information Managers blog posts, social media, and resources that you can download and use right away!

 

#BeCyberSmart, #CybersecurityAwarenessMonth, #NCSAM, Cyber Security Awareness, IT Asset Inventory, NCSAM Champion, threat risk assessment

Search the site

What is the elephant in the room?

The Elephant in the Room Find out here...

Privacy Policy

"The 15 Day Privacy Challenge has given me some additional information on day-to-day responsibilities that I hadn't considered until now. Each Privacy Challenge has been so informative and I've been sharing it with our office staff."

- Vera, Alberta Health Services

Register for Free On-line Privacy Breach Awareness Training!

Privacy Policy

Copyright 2022 Information Managers Ltd.