Practice Management Nuggets Events – Live

Posted on April 23, 2014 by Meghan Davenport in Members Only, PMN Replay

The perfect lunch break for busy practice managers – only 30 minutes and it's free!

(PS – Looking for a different replay? Become a member and get unlimited access!)

‘Creating Leaders at Every Level'© with Lisa Litwinski

Lisa Litwinski
LiT PATH Learning Centre Inc.

How does your team respond to change, challenge, stress and restructuring?

Lisa Litwinski of LiT PATH Learning Centre Ltd. will share some key strategies to help your employees contribute to workplace wellness and results every day.

Lisa Litwinski, BA Psychology, is an engaging professional speaker, expert facilitative trainer, & Coach/Mentor Consultant who works with individuals, teams, and leaders to inspire awareness, appreciation, and collaboration. Her clients look for team building, leadership development, and empowerment success strategies; they include industry, non-profit, health care, and government. Lisa works with companies to engage healthy, collaborative teams and Create Leaders at Every Level of responsibility.

In this 30-minute Privacy Management Nugget Lisa will give you practical tips and tools on how to:

Encourage self-directed leadership
Increase communication, build relationships, enhance results

Creating Leaders at Every Level© with Lisa Litwinski

of LiT PATH Learning Centre Ltd.
Thursday September 11, 2014 noon – 12:30 pm MST

Learning Resource Guide

Lit PATH Learning Centre Ltd. Website

Today, IChoose Cards® by Lisa Litwinski

Subscribe to Privacy Nuggets Newsletter!

Upcoming Events Send me a weekly reminder

Listening…on a schedule with Lauren Sergy of Up Front Communication – Oct 2

Lauren Sergy
Up Front Communications

Patients commonly complain that their healthcare provider is in too much of a hurry to talk to them.

Lauren Sergy of Up Front Communication will share some key strategies to help you communicate with your patients in a caring, professional manner that will still let you keep to your appointment schedule.

Presentation, public speaking, and communication coaching and training for professionals and businesses is Lauren’s strength. In this 30-minute Privacy Management Nugget Lauren will give you practical tips on how to be an:

energetic, positive communicator at work with colleagues and patients and
engaging, sensitive, and tactical speaker whether you are addressing an auditorium full of people or having a one-on-one meeting

How to go from rushed to attentive without stretching your time!

“Listening…on a schedule”
with Lauren Sergy of Up Front Communication
Thursday October 2, 2014 noon – 12:30 pm MST

Don’t miss an event – Sign up now to receive weekly notices of the next Practice Management Nugget guest speaker. Even if you can’t attend, register anyway and we’ll send you the replay details. Replays will be available for only a limited time.

archives, Communication, healthcare, marketing, physicians, Practical Privacy Coach, practice management, Practice Mangagement Mentor

Leasing Do’s and Don’ts for Your Healthcare Practice

Posted on March 13, 2014 by Meghan Davenport in Blog, Practice Management Nugget Interview

Practice Management Nugget Event

Leasing Do's and Dont's for Your Healthcare Practice

What is your the trigger date for your commercial lease renewal?

One of the most important things I learned today with our interview with Jeff Grandfield – give yourself enough time to find the best location at the best deal for your commercial lease.

What is your #1 Tip when negotiating (re-negotiating) your commercial lease?
Give yourself enough lead time to negotiate your lease – at least 6 months for new locations and 9-12 months for lease renewal. Renewal option clause often requires you to notify the landlord 6 months before the lease expires of your intention to renew your lease.

Key terms that you need to know:
Tenant improvement allowance
Deferred rent or rent-free months
Renewal options
Assignment rights
Deposits and personal guarantees
Demolition clauses
Parking and signage

Your commercial lease will be one of the biggest investments in your business. If the term of your lease is 5 or 10 years, it is more important than ever to make sure that your leasing decision is the best one for you. Getting assistance from a professional leasing agent is an easy decision to make.

For more information contact The Lease Coach.

Did you know that you can negotiate almost any part of your Lease Agreement, except the physical location?

HOWEVER….you may be leaving money on the table if you don't ask the right questions!

Jeff Grandfield has been a commercial lease consultant with The Lease Coach since 2005. The Lease Coach is America's #1 authority on lease negotiating for tenants since 1993. Jeff frequently speaks at healthcare conferences and franchise shows across North America, as well as writes numerous articles for various industry magazines, and is co-author on “Negotiating Commercial Leases & Renewals for Dummies”.

Jeff is going to give you practical tips on the leasing do's and don'ts for your health care practice:

What a healthcare practice manager need to know about leasing
How to effectively negotiate a lease renewal

Our Practice Management Nugget event includes an expert interview with Jeff Grandfield of The Lease Coach hosted by Jean Eaton (The Practice Management Mentor) of Information Managers.

Bonus tip: There are so many things you need to know to start, maintain, and grow your practice. Join us each Thursday for nuggets of information that you can use right away for your healthcare practice.

This interview is now available as a member benefit. Try out a Trial Membership to access this Practice Management Nugget interview and other webinar replays and resources. And if you’re already a member, just log-in and enjoy!

commercial lease, healthcare, leasing, Practice Management Mentor, practice management nuggets, The Lease Coach

New Offer: Customized Privacy Awareness Training

Posted on March 9, 2014 by Meghan Davenport in Uncategorized

Information Managers is excited to offer a new training program that will be cost and time effective for a variety of teams and offices, and will provide quality consistent privacy and security awareness to your current and new employees and contractors.

You can have exclusive access to a customized privacy awareness webinar that your team can access on demand. This permits immediacy to new employees and can be easily included in the orientation period. The webinar will be approximately 1 1/2 hours in duration and include handouts, and pre- and post-training tests that you administer.

Privacy and Security Awareness Training Webinar

The standard webinar content includes:

What is privacy, confidentiality, and security?
What is the Health Information Act (HIA)? Includes summary of important 2010 and 2013 amendments.
What is the Personal Information Protection Act?
What is Alberta Health Act?
What are HIA Privacy Principles?
What is Health Information?
To whom does the HIA apply?
What is Netcare? Review of authorized use.
What are Safeguards – Administrative, Physical, and Technical?
What are Expressed Wishes of Individual?
What is a Privacy Breach?

Some customization of the content can be made to make it even more relevant and useful to your organization.

The webinar may include a pre-recorded audio introduction and conclusion by your Privacy Officer, Manager, CEO or designate to further customize the training to your organization.

Your organization will receive the web link to the webinar, electronic copy of participant handouts and quiz that you may use up to 1 year for current and future training needs. This is licensed for your exclusive use – you cannot give or sell this to another party. You can choose to post this to your internal website or computer network, or Information Managers can host this for you to access on demand.

$300.00 +GST. Includes handouts, 1 year licensed access to Privacy Awareness Training webinar.

Yes! Contact me to create my customized Privacy Awareness Webinar!

Purchase Customized Privacy Awareness Training

Health Information Act, healthcare, Practical Privacy Coach, privacy, privacy by design, training

Mandatory privacy breach reporting proposed for HIA

Posted on March 3, 2014 by Jean Eaton in Blog

Information and Privacy Commissioner Jill Clayton has written to the Minister of Health to formally request the Government of Alberta consider amending Alberta’s Health Information Act (HIA) to include mandatory breach reporting and notification provisions.

In the letter, items for consideration in an amendment to the legislation include who should be notified about a breach, what the triggers are for notification, what should be reported and in what time frame, and whether there should be penalties, sanctions or other consequences for failing to notify. A copy of Commissioner Clayton’s letter has been posted to the Office of the Information and Privacy Commissioner’s website at www.oipc.ab.ca.

There are several current legislation that requires mandatory privacy breach reporting including PIPA in Alberta. We have best practices to follow when we have a privacy breach involving health care. (See our Document Management Tip: Privacy Breach Reporting Form as a sample tool to follow).

In healthcare, we strive to pay attention to details to provide the best care and treatment for our patients and respect the privacy of their personal information. However, we are human and errors do happen. How ‘small' or ‘big' does a privacy breach need to be require notification to a regulator? What might be the implications to a business if they must report each privacy breach? Are there other alternatives to mandatory breach reporting that we should consider?

Send me a comment by email and we'll compile the list and add to a future article.

Related Articles:

When is a privacy breach a privacy breach?

Webinar March 25, 2014 – 3 Mistakes in managing a privacy breach

Alberta, healthcare, Practical Privacy Coach, privacy breach reporting

Sharing Your EMR in a Group Practice PMN Replay

Posted on March 2, 2014 by Meghan Davenport in PMN Replay, Practice Management Nugget Interview

Sharing Your EMR in a Group Practice – an interview with Brandon Blanck & Rita Hielema of Microquest.

Recorded live on Thursday, April 24th

Our guests: Brandon Blanck is the Vice President and Fatima Haymour, Client Services Representative of Microquest. Microquest is today's leading practice management software.

Brandon and Fatima shared keys to sharing your EMR Database in a shared practice:

The importance of having a clear understanding of how patient records in a shared EMR database are controlled.
- Know that the Information Manager Agreement between the software vendor and the named individual on the contract are the only individuals that the software vendor can receive instructions on how to manage the records in the database.
- As a group healthcare practice, have a clear understanding and supporting documents that sets out how patient records will be collected, used, and disclosed during the group practice and whenever the membership of the group practice changes.
- Take a pro-active privacy role and inform patients how their information will be protected during the routine practice operations and when healthcare providers are added – or leave – the practice.
- Decide how you are going to decide about the on-going operational changes to how the software will be used in your practice.
Identify in the EMR software who is the primary (or default) healthcare provider for each patient. Talk with your software vendor how best to record this.
It's never too late to start! If you missed creating an Information Management Agreement or Data Sharing Agreement in your group practice, do it now! See the resources for samples that you can use.

You will also hear some stories from Brandon and Fatima about scenarios they have encountered in group practices – the good, the bad, and the ugly of a shared database when a physician leaves.

Resources:

Subscribe to Privacy Nuggets

Learning Resource Guide Sharing Your EMR

Document Management Tip Data Sharing Agreement Healthcare Providers

DT-In-Search-of-Plain-Language-Privacy Statements-in-Practice-Management

Executive SummaryIMA_PatientRecords_SAMPLE

Infographic – IMA Patient Records

Video – What is an IMA?

Replay Audio Only

Replay Audio and Slides

data sharing agreement, healthcare, HIA, IMA, information manager agreement, Microquest, Practice Management Mentor, Practice Management Nugget

Speaker Sheet

Posted on February 3, 2014 by Jean Eaton in Blog, Services, Training, Vendor

Do you collect personal health information?

If so, you know the importance of this sensitive information. Healthcare providers must ensure that every staff member understands their individual responsibility when it comes to handling personal information.

Jean gives you the skills and confidence to handle the elephant in the room!

Jean’s information privacy workshops are ideal for staff members at all levels in any organization or clinic that collects, uses or discloses personally identifying information. This includes direct care providers such as physicians, allied health professionals and associates, privacy officers, as well as other employees and support staff who are not directly involved in patient care.

Choose from these two popular workshops, or request a customized presentation.

Privacy Awareness Training

Improve your patient satisfaction and prevent malicious errors, omissions or attacks that could result in fines and even jail time for the business, healthcare provider, employee, or vendor.

This is a critical workshop for everyone in the health care industry. Jean will engage your people in a fun and practical way to teach the key principles of privacy awareness. Through the use of every day scenarios and group discussion, new and experienced healthcare providers and support staff will learn the essentials of privacy, confidentiality, and security.

Learning Objectives:

Patient and client rights with respect to their personal information.
Key components of privacy legislation.
Safeguards that protect personal health information.
Privacy principles.
Recognize and report a privacy breach.

4 Step Response Plan

Privacy incidents happen! 60% of small and medium business owners go out of business within 6 months after a privacy and security breach. Patients, clients, employees and business partners trust you to keep their private and sensitive information confidential and secure. Properly managing a privacy breach is critical to the continued success of your business. With Jean’s expert guidance, you will learn the critical skills of planning for and responding to privacy incidents, handling them with confidence while mitigating the risks.

Based on her new book, Prevent Privacy Breach Pain, Jean will guide you through the practical “4 Step Response Plan” to help you develop a privacy breach management response plan for your organization.

Learning Objectives:

Contain the breach.
Evaluate the risks.
Notify affected individuals and other stakeholders.
Prevent the breach from happening again.

“When you know better, you can do better.”

Jean L. Eaton,

Your Practical Privacy Coach and Practice Management Mentor

Jean is a recognized and respected leader and expert in health information management, privacy management and legislation. An engaging workshop leader, she provides solutions that are practical and effective for today’s healthcare providers. Jean is passionate about supporting primary care practices to implement privacy by design and best practices to protect privacy, confidentiality, security of personal information.

Jean has helped hundreds of physicians, chiropractors, pharmacists, and other healthcare providers and privacy officers across Canada and the US develop and improve their Privacy Education programs. With over twenty years of experience, she has the knowledge and tools to help any healthcare provider or business improve their information privacy practices.

Book Jean for your next event and see the difference that privacy awareness can make!

Jean is available for keynotes, workshops, presentations, and seminars both in person and online

Email: jean[at]informationmanagers.ca

Your Workshop Package can include:

A 60-90 second promotional video encouraging early registration with key sponsor mention.
A 30-minute preview marketing webinar on a related topic to pitch early registration with key sponsor billing.
Advance interviews of organization members to customize the workshop.
A special sponsor ‘lunch & learn’ seminar event.

A special sponsor ‘lunch & learn’ seminar event.

You may have seen Jean here . . . .

2016 May 10, 2016 Saskatchewan Connections, Regina, SK. “4 Step Response Plan to Manage a Privacy Breach”

2016 March 30, National Privacy & Data Governance Congress, PACC, Calgary. “4 Step Response to a Privacy Breach”

2015 November, American Health Information Management Association (AHIMA), Webinar “3 Mistakes in Managing a Privacy Breach”

2015 September, Corridor Interactive, “Privacy Awareness Essentials: Healthcare”

2015 June Chiro Secure, Webinar, “Email with Patients – What Are the Risks?”

2014 April 15 Edmonton Chapter – Alberta Association of Clinic Managers (AACM) Luncheon, Edmonton, Alberta “Privacy can be fun!”

2014 June 11-12 Health Information Management Association of Alberta (HIMAA) Conference, Edmonton, Alberta “Privacy Breach Management”

2014 November 14 PIPA Connections Conference, Calgary,“How to easily develop your own in-house privacy & security education program”

2014 September 24-26 Ontario Medical Group Management Association (OMGMA) 46th Annual Conference, Gravenhurst, ON. “Engaging Patients in an Electronic World”

Or at an in-service in a healthcare practice!

Practice Management Nugget Webinar – weekly interviews with guest experts

Information Managers Ltd. Webinars – on-line privacy training and courses including

“Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A Complete Step-by-Step Course”

E-books authored by Jean L. Eaton

Document Management Tip Series:

Coming soon on Kindle! Prevent Privacy Breach Pain

“Prevent Privacy Breach Pain” Coming soon on Amazon Kindle!
“Patient Health Information For Tax Reporting”
“9 Steps to Hiring Employees in Your Healthcare Practice”
“Hiring Employees Resource Package”
“Archive and Destruction of Patient Records”
“Closing a Physician Practice”
“Data Sharing Agreement Outline for Physician Group Practices”
“Data Migration”
“Privacy Statements in Plain Language”
“Privacy Breach Management”
“Provider-Patient Email Communication”
“Media Training – What to do when s*!#@ hits the fan”
“What is a PIA? (for chiropractors)”
“What is a PIA? (for physicians)”
“Dress Code Policy”

Jean L. Eaton

(Your Practical Privacy Coach)

Jean is constructively obsessive about privacy, confidentiality, and security when it comes to the handling of personal information, particularly in primary health care settings.

Jean has customized and delivered privacy training programs for privacy officers, records management professionals, implementation teams, and healthcare providers across Canada and the US.

You will learn how to use practical pro-active privacy in your practice. Privacy Education program that is actually fun and . . . practical!

Jean has helped hundreds of physicians, chiropractors, pharmacists, and other healthcare providers and privacy officers develop and improve their Privacy Education programs.

You know your practice better than anybody else. If you had the right tips, tools, templates, training and Your Practical Privacy Coach to help you, you can develop a practical Privacy Education program for your office, improve patient satisfaction, meet legislated and college requirements, and prevent big fines (or worse!).

Jean L. Eaton

(Your Practice Management Mentor)

Practice managers working in healthcare want to provide good services and have a profitable business. They have a sense of what they need to do to get there – but often need help with networking and resources. Jean shares templates, user guides, real-life examples, networking, practical resources and mentoring. We give you the confidence to take care of the elephant in the room!

Jean Eaton has worked in health records and primary care organizations for over twenty years, and is an experienced leader in health information management.

She understands that practice managers working in healthcare want to provide quality services and have a profitable business… and is committed to helping practices with the networking and resources to get where they want to be.

Contact Jean to provide workshops and key-note address at your next event!

Available in person and techno-magically using webinars and live streaming.

DT_9_Steps_To_Hiring_Employees_healthcare_Information_Managers_200x300

Download this FREEE-book now! 9 Steps to Hiring Employees for Your Healthcare Practice

DT_Hiring_Employee_image_spiral_Information_Managers_recruit_transpng

Hiring Employees Resource Package – includes templates, training, expert guest interviews – everything you need to prepare to hire.

Coming soon on Kindle! Prevent Privacy Breach Pain

E-books authored by Jean L. Eaton

Document Management Tip Series:

We're here to help and we'd love to connect!

Information Managers Ltd.

Phone: 780.237.7605

Email us. Tweet with us! Connect on LinkedIn. Like us on Facebook.

It's the elephant in the room: your practice depends on your record management, and the privacy and protection of all kinds of confidential information.

But sometimes taking care of this elephant can be a challenge.

We're here to help. Information Managers specializes in health information management, policies & procedures, records management, clinic management, practice efficiency and workflow consultation as well as privacy and security in the Health Care sector. We give you the confidence to take care of the elephant in the room.

We work with office managers, primary care facilities, health service providers and vendors. We ensure that your office practice not only meet legal requirements, but are streamlined and efficient, making sure that all parties involved feel secure about their personal information.

About Jean L. Eaton

Jean is a Certified Health Information Management Professional, Toastmaster and entrepreneur with a BA Administration.

Jean is an engaging workshop leader and provides practical advice that is actually fun and . . .practical. An experienced leader in health information management and privacy legislation, Jean is passionate about supporting primary care practices to implement privacy by design / best practices to protect privacy, confidentiality, security of personal information.

She has addressed Canadian and US audiences by teleseminar, webinar, and live conferences and workshops. Jean has helped hundreds of physicians, chiropractors, pharmacists, and other healthcare providers and privacy officers develop and improve their Privacy Education programs.

Jean is constructively obsessive about privacy, confidentiality, and security when it comes to the handling of personal information, particularly in primary health care settings.

Jean has customized and delivered privacy training programs for privacy officers, records management professionals, implementation teams, and healthcare providers across Canada and the US.

Having worked with health records and primary care organizations for over twenty years, I am an experienced leader in health information management. In the last 7 years my practice has been focused on primary care in Alberta. My consulting service includes physicians, pharmacies, chiropractors and other primary health care providers and Primary Care Networks (PCN).

I have speaking engagements with larger clinics and agencies, professional associations, and university and college training programs for health service providers and administration service providers.

I author Privacy Nuggets, post regular blogs on the Information Managers site, and am a guest contributor to other publications.

I am constructively obsessive about privacy and security when it comes to the handling of personal information, particularly in primary health care settings. I provide webinars, workshops, and consultation on practice management and privacy legislation that are actually fun and . . . . practical.

You may have seen Jean here . . . .

2016 May 10, 2016 Saskatchewan Connections, Regina, SK. “4 Step Response Plan to Manage a Privacy Breach”

2016 March 30, National Privacy & Data Governance Congress, PACC, Calgary. “4 Step Response to a Privacy Breach”

2015 November, American Health Information Management Association (AHIMA), Webinar “3 Mistakes in Managing a Privacy Breach”

2015 June Chiro Secure, Webinar, “Email with Patients – What Are the Risks?”

2014 April 15 Edmonton Chapter – Alberta Association of Clinic Managers (AACM) Luncheon, Edmonton, Alberta “Privacy can be fun!”

2014 June 11-12 Health Information Management Association of Alberta (HIMAA) Conference, Edmonton, Alberta “Privacy Breach Management”

2014 November 14 PIPA Connections Conference, Calgary, “How to easily develop your own in-house privacy & security education program”

2014 September 24-26 Ontario Medical Group Management Association (OMGMA) 46th Annual Conference, Gravenhurst, ON. “Engaging Patients in an Electronic World”

2014 September 16-19 Alberta Association of Clinic Managers (AACM) Annual General Meeting, Canmore, AB.

2014 June 4 Saskatchewan Connections Conference, “3 Mistakes in Managing a Privacy Breach”

2014 May 9 Canadian Counselling and Psychotherapy Association Conference, Victoria, BC. “Managing a Privacy Breach – 3 Mistakes in Managing a Privacy Breach”

2014 Practice Management Nuggets’© webinar series. Weekly interviews with practice managers, healthcare providers, or trusted vendors who support healthcare practices.

2013 April 26 Alberta School Councils’ of Alberta Conference, Edmonton, AB. “Privacy Risks and Kids”

2013 October 26 Literacy and Learning Day Conference, Edmonton, AB. “Privacy Risks for Kids. Is Your Child at Risk?”

2009 June Canadian Health Information Management Association / Saskatchewan Health Information Management Association Conference “Privacy Impact Assessments and the Health Information Management Professional – Leveraging What You Already Know”

2011 May Canadian Health Information Management Association, “Proactive Approach to Privacy, Confidentiality, and Security”, CHIMA CPE Webinar.

2009 – 2014 Private healthcare practices, in-services including “Health Information Act Lunch N Learn”, “Privacy Awareness In-Service”, “ROI (Release of Information) 101”, “Practical Privacy”

2009 – 2015 Information Managers Webinars, in-person workshops throughout Alberta including

“Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A Complete Step-by-Step Course”

“Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments”

“Prevent Big Fines (or Worse!) for your Healthcare Practice; Learn How to Plan a Privacy Impact Assessment”

“9 Steps to Hire (and Keep) Employees in Your Healthcare Practice”

“Privacy, Confidentiality, and Security for Medical Offices”

“How to complete a Privacy Impact Assessment”

“Developing Policies and Procedures for Medical Offices”

“Managing a Privacy Breach – 3 Mistakes in Managing a Privacy Breach

“Email and Patients – What do I need to know?”

“Clinic Managers Top 10 Data Privacy To Do List”

Conflict of Interest

All of our recommendations for vendors and service providers are our opinions based on direct experience and communication with colleagues. We do not accept fees from vendors for recommendation of their products or services.

healthcare, Practical Privacy Coach, Practice Management Mentor, privacy, speaker

What’s On Your Privacy & Security List for 2014?

Posted on January 6, 2014 by Jean Eaton in Blog, Past Events

Time to update your Privacy Management Program plan for 2014!

Complimentary Bonus Webinar

Clinic Manager’s Privacy & Security Top 10 List

Includes: Email security, mobile devices, managing vendor agreements, privacy breaches, privacy officer role and responsibility training and more!

Ideal for clinic manager, practice manager, privacy officer in any healthcare setting – a check list of key tasks important to your Privacy Management Program. Resources and links for additional information.

Tuesday January 14th, 2014
12:00 pm—1:00 pm MST

best practice, clinic manager, Health Information Act, healthcare, practice manager, privacy, privacy and security, privacy by design, privacy management program, training

Fax cover page – friend or foe?

Posted on November 25, 2013 by Jean Eaton in Blog

Fax cover pages often act as ‘dividers' to piles of paper – electronic or hard copy. Many offices still receive faxes by hard copy – and this remains the default assumption as the ‘lowest common denominator'. I think that the dividers still serve a purpose.

Perhaps more importantly, there is a common practice that the cover page is the identifier of where the document originated, the intended purpose the information was provided, who the information is addressed, and who authorized the sending of the information.

Often the cover page provides clarity to the identify of the individual the information is about. Many healthcare providers use the cover page as their ‘disclosure log' to meet legislative compliance to clearly document disclosure of health information of a individual. I don't think it is feasible to add the information to the source document.

The receiver of the information needs this information in order to determine if they will accept the responsibility of collecting the information and the purpose for that information.

Perhaps the better approach is to make the cover page more useful – to both the receiving and sending party – by improving the documentation and adding suggested indexing categories. This can be easily generated if the sending party is using an EMR.

See also: Canadian EMR http://blog.canadianemr.ca/canadianemr/2013/11/a-complication-of-paper-faxes.html

best practice, cover pages, disclosure log, EMR index, fax, health information, healthcare, template

Privacy Practice Review

Posted on November 1, 2013 by Jean Eaton in Clinic Manager / Privacy Officer, Established Practice, Services, Vendor

Demonstrate and ensure compliance to your privacy goals. A Privacy Review is an educational and consultative program that serves as a vehicle to identify best practices as well as opportunities for improvement.

Your medical office wants to promote a culture of respect for privacy and information security throughout the organization when providing patient care and accessing and disclosing protected health information.

To demonstrate and ensure continuing compliance to your privacy goals, a Privacy Review, is an educational and consultative program that serves as a vehicle to identify best practices as well as opportunities for improvement.

The Privacy Review is designed to be transparent in order to maximize the opportunity to impart knowledge and effect change.

Each review presents an opportunity to give members of your staff the information and tools that they need to protect patient privacy.

healthcare, Netcare, privacy compliance, reasonable safeguards, security compliance

Is Your Email Secure?

Posted on August 19, 2013 by Jean Eaton in Blog

Mon, 08/19/2013 – 09:07 — jean

Is your email secure? Backed up? If you suddenly lose your email, calendar, or contact list, this could either be a speed bump in your busy day, or a nightmare that may take days or weeks and a lot of money to recover.

If you use email as temporary communications or your primary method of business, it needs to be managed securely. When you or your staff use email from multiple devices – such as your desktop computer, smart phone, or website – you have additional privacy and security requirements.

Many small businesses have purchased an email software system like Outlook as part of their desktop software. Unfortunately, recent software updates from Microsoft do not include Outlook; you are encouraged instead to purchase MS Office 365 software where all of your email is stored on the MS Cloud.

Some businesses use free email accounts – like gmail or yahoo – where emails, calendars, and contact information is on the public cloud. It is accessible from any internet connection but is difficult to back up to a local device that you can control.
If you use email to transact business – employee records, business contacts, company newsletters, subscriptions, financial or consumer purchases, or personally identifying messaging – you need to meet privacy and security requirements.

Previous versions of Windows Server Small Business Server (SBS) edition included Microsoft Exchange so small businesses could create their own in-house email server. This is not included in Windows Server 2012 Essential (SBS replacement). But small businesses still have a few options:

Buy the Microsoft Exchange Server full licenses, although it can be quite expensive
Sign up to Office 365 which is a hosted / cloud based Microsoft Exchange service from Microsoft with email hosted in the USA. Offices will need to determine their level of risk using personally identifiable information in emails – including sensitive information like credit card, payroll, health information, and other sensitive content – which will be stored out of Canada and subject to US legislation and uses.
Contract with a Canadian hosted Microsoft Exchange service with a Canadian based cloud service provider. This might be a cost effective solution and permit full access to email in an environment which is backed up and more easily accessible.

There are many features offered with a hosted email service:

Collaboration is easy as you have access to group calendaring and scheduling, shared contacts, folders and calendars, tasks and task delegation, as well as public email folders.
Fully functional email software.
Sync capabilities to your smart phone without worrying about viruses, spam, or malware, and mail archiving is automatic. Store as much or as little email as you need and do so without dealing with annoying ads.
Anti-phishing, anti-virus, and malware software are attached to each email connection.
No data ‘left behind' on the device – all data is securely maintained in the hosted email. If a mobile device is lost or stolen, business email is not compromised.

You can apply business rules – for example, emails can be prevented from being forwarded to an employee's home gmail account. Employees can securely work from home.
All business data is maintained by the business. So if your employee wins the lottery and doesn't come back to work, all business emails have been maintained in the hosted email and not on an employee's home computer.
Data is encrypted during the internet transmission.

To get a Hosted Email, you will need internet access with a data plan. You can continue to use your desktop computer and its cable internet access. When you use mobile devices, you can use your mobile provider data plan (Rogers, Bell, Telus, etc), or connect to a trusted WiFi connection.

You are still responsible for good security practices at your location including:

Unique user ID and password on your computer network – including mobile devices – and
Good password management – complex passwords that are changed regularly
Physical safeguards to ensure that your work locations – including mobile locations – are secure from theft

Common sense awareness – don't open suspicious phishing or spam emails

Business-class Microsoft Exchange email hosting services mean you're always in touch and up-to-date, in the office or on the road accessing your mobile email.

Things to look for in a hosted email solution vendor:

Canadian provider with data centres only in Canada (Alberta preferable)
Reputable company with proven track record
Contract including:
Termination clause – when the contract terminates, the vendor will:
Notify you in advance of termination
Allow local back up of your data or data transfer
Validate that your data has been completely and securely deleted from the data centre
Encrypted at the data centre – no one at the data centre can read your information and it is secure from someone else hacking into the data centre to steal your data

Confirm your backup plan for your email accounts. If you don't have one, create a plan.

INFORMATION MANAGERS
We are an information management company based in Edmonton, Alberta. We specialize in health information management, records management, practice efficiency and workflow consultation as well as privacy and security in the Health Care sector.
We take care of the elephant in the room.

Alberta, backup, best practice, breach, business associate, cloud service provider, computer network, email, external hard drive backup, health information, healthcare, hosted email solution vendor, privacy, SBS, security, Windows Small Business Server

«‹15 16 17 18 ›

The perfect lunch break for busy practice managers – only 30 minutes and it's free!

‘Creating Leaders at Every Level'© with Lisa Litwinski

Upcoming Events Send me a weekly reminder

Don’t miss an event – Sign up now to receive weekly notices of the next Practice Management Nugget guest speaker. Even if you can’t attend, register anyway and we’ll send you the replay details. Replays will be available for only a limited time.

Practice Management Nugget Event

Leasing Do's and Dont's for Your Healthcare Practice

What is your the trigger date for your commercial lease renewal?

Privacy and Security Awareness Training Webinar

Do you collect personal health information?

Choose from these two popular workshops, or request a customized presentation.

Privacy Awareness Training

4 Step Response Plan

Your Workshop Package can include:

You may have seen Jean here . . . .

E-books authored by Jean L. Eaton

E-books authored by Jean L. Eaton

We're here to help and we'd love to connect!

Information Managers Ltd.

About Jean L. Eaton

You may have seen Jean here . . . .

2009 – 2015 Information Managers Webinars, in-person workshops throughout Alberta including

Register Here