Information Managers
  • Home
  • Services
    • All Services
  • Templates
  • Blog
  • Contact Us
  • Practice Management Success
  • Podcasts

Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A Complete Step-by-Step Course

Posted on October 28, 2020 by Jean Eaton in Services, Training

Do you need a Privacy Impact Assessment?

Or do you need to amend an existing PIA?

Privacy Impact Assessments are just one of the requirements you need in order to fulfill your obligations in Alberta’s Health Information Act (HIA) and other legislation and are an important aspect of developing privacy best practices in your office.

And a little help along the way is always a good thing.

Practical Privacy Coach, Jean  L. Eaton of Information Managers, is constructively obsessive about privacy, confidentiality, and security when it comes to the handling of personal and health information, particularly in primary health care settings. Jean has helped hundreds of healthcare providers, vendors, and health and social service delivery organizations and associations complete their Privacy Impact Assessment which have been successfully accepted by organizations' management and regulators. Jean has customized and delivered privacy training programs for privacy officers, records management professionals, implementation teams, and healthcare providers across Canada and the US.

Now you can have access to five modules to help you learn everything you need in order to complete your own PIA.

     

**** New PIA Amendment Track ****

Each module includes a video training, as well as templates, tools, resources and case studies to build on in each lesson. You can use this scenario to guide you through the PIA process in healthcare. If you work in healthcare or privacy or records management and need to do a PIA, this e-course is for you.

 

You need a Privacy Impact Assessment when

  • You  are opening a new clinic or establishing a new health services program.
  • You are changing administrative procedures or technology equipment, services, or vendors
  • You are changing how you collect and use personal information,
  • You are implementing or changing an Electronic Medical Records (EMR)
  • You are sharing health information with another healthcare provider, organization, Primary Care Network or other health program.
  • You want to prevent a privacy breach,
  • You have a Privacy Impact Assessment that was written more than 2 years ago (It is time to review and update this!)

 

If you are a healthcare provider, practice manager, and you need your first Privacy Impact Assessment, this e-course is for you

Are you in a group or solo practice with direct patient care, for example:

  • Physician
  • Pharmacist
  • Registered nurse
  • Optometrist or optician
  • Chiropractor
  • Physiotherapist
  • Midwife
  • Podiatrist
  • Dentist, dental hygienist or denturist
  • Audiologist
  • Mental health practicitioner
  • Laboratory, x-ray, and imaging technician
  • Paramedic

A PIA should be as common place to a healthcare practice as a business plan is to a business. BUT most healthcare practices don’t know this and often don’t know that a PIA is  usually part of their professional college requirements and often even a legislated requirement! Prevent malicious errors, omissions or attacks that could result in fines and even jail time for the business, healthcare provider, employee, or vendor by completing a PIA.

If your Privacy Impact Assessment was written more than 2 years ago this e-course is for you

The Clinic Manager and Physician Lead and Privacy Officer  must ensure its content is updated to reflect the current state of administrative, physical and technical controls.

BONUS! Checklist to update your PIA to meet recent changes to Alberta's Netcare Portal. If your practice has completed a PIA and now you need to update the PIA, you receive a checklist of items that you need to consider to refresh your PIA.

 

If you a vendor that supports healthcare practices this e-course is for you

BONUS! One hour tele-consult with Jean, “Create a branded Privacy Impact Assessment Readiness Package”. Jean will work individually with you to review your documentation and coach you on how to prepare the package to give to healthcare practices.

BONUS! Vendor PIA live webinar includes Vendor non-disclosure agreement, Information Manager Agreement, GAP Analysis, Computer Network Narrative templates.

 

Jean has helped hundreds of physicians, chiropractors, pharmacists, and other healthcare providers complete their Privacy Impact Assessment. She has visited hundreds of practices across Canada. But time and geography limit my ability to visit each healthcare practice that needs a PIA. That's why I developed this on-line interactive course to help you learn everything you need in order to review, amend, or create your own PIA. Each module includes a video training as well as templates, tools, resources and two common case studies to build on each week. You can use these scenarios to guide you through the PIA process.

You know your practice better than anybody else. If you had the right tools, at the time most convenient for you and a mentor to help you, you can develop good office practices, meet legislated and college requirements, and successfully complete your Privacy Impact Assessment requirements.

Using a Webinar on-line interactive program, you will get great content and mentoring from Jean Eaton and once a month during the Q&A live training webinars. Learn the PIA process with these modules.

The modules include:

Module 1:

PIA to Protect Your Practice, Your Assets, and Your Patients

 

Module 2:

Information Flows–-the Foundation of Your PIA

 

Module 3:

Risk Analysis and Mitigation Strategies

 

Module 4:

PIA Format - Pulling it All Together

 

Module 5:

Complete Your PIA Submission

BONUS Module 6:

Create a Branded Privacy Impact Assessment Readiness Package

The replays, tools, and resources will be available to you right away.

If you are new to this field, I suggest that you first register for Privacy Awareness in Healthcare: Essentials to master the key definitions and concepts.

Corridor_Privacy_Awareness_In_Healthcare_banner

Privacy Awareness in Healthcare: Essentials

 

Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments –

A Complete Step-by-Step Course

5 Core Modules, Templates, Training, and Tools to Get Your PIA Done!

Monthly Live Q&A Training Webinars

$450.00 (plus GST)

Purchase e-course

 

You will get

  • Learning Resource Guide for EACH module – how-to explanations, templates, and resource lists
  • Checklists to help you plan your PIA
  • MindMap of the entire PIA process
  • PIA project plan timeline templates
  • Checklists of  personal and health information privacy and security policies that you need in your practice
  • Many examples of projects in medical, dental, chiropractic and more practices including new PIA project and PIA amendments.
  • Explanation and real-life examples of key terms that you need to know and include in your PIA
  • Strategies and templates of risk management assessments that you can customize
  • This E-course might qualify for CPE credits, too!

 

BONUS!  Monthly live Q&A webinar training with Jean to help you get un-stuck with your PIA.

BONUS! Checklist to update your PIA to meet recent changes to Alberta's Netcare Portal.

BONUS! Private discussion group with other registered participants of this course to network and support each other on your PIA journey and continue to help you after this course closes.

BONUS! Regular updates of privacy resources and templates that you can use.

 

If you hired a consultant to do the work of the PIA process for you it may cost you as much as $3,000!

And then…when the consultant is done, they take their knowledge out the door with them.

Invest only $450 in this course and you'll have what you need to do your first PIA project today…and every project in the future!

Jean Introduction Ecourse PIA (1)

I had the pleasure of working alongside Jean to develop a PIA for my Dental Office. I could not have completed this document without her. She was there to help me every step of the way. Her online course made it easy to communicate with her as well as having so many resources to use that were so helpful. Each Module had videos to watch that explained step by step what needed to be done. The PIA document is a lot of information to put together and if it's not enough information on its own, you also need to develop a policy and procedures manual. Jean has developed an amazing resource for this manual that was very user friendly and made a 300 page manual a lot more attainable than creating it on your own. I highly recommend taking Jean's PIA course and having her help throughout the process!”

~~Lindsey Cave, Office Manager, Orion Dental Group

 

What people are saying about our PIA e-courses and in-person workshops:

Q: What did you learn from this workshop?

Participant's Responses:

  • Understanding of need / use of Information Management Agreement's and an ‘Evaluation” agreement.
  • Lots – when / how to make amendments.
  • Compliance / requirements of PIA and their purpose.
  • PIA information; agreements, updating.

 

Q: What do you feel was the biggest benefit to attending this workshop?

Participant's Responses:

  • Understanding a PIA.
  • Having a better understanding of PIA's and everything included in requirements.
  • Gain a better overview of my PIA and what I need to add; organizational strategy.
  • Clear vision of work to be done.

“When Jean told us about the Protest Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments E-course and explained how the course will help us better understand the Health Information Act, our responsibilities as healthcare providers and our relationship with our vendors and partners, I signed up right away! Thanks again – it is no doubt that we have hitched our wagon to a shining star.”
~~Bill Stowe, Business Manager Synergy Respiratory & Cardiac Care

“This was my first ever time I had to work on a PIA and I was a little nervous about doing it efficiently – but you really made it as simple and straight forward as possible. Thank you for being available for my questions when I had them. I would easily recommend Privacy Impact Assessments to Protect Your Practice course for anyone to do their own PIA's! Thank you so much!”
~~Karen Sarabura, Clinic Manager and Privacy Officer, CGA Medical Imaging, Alberta

“I attended the Privacy Impact Assessment Walk-through workshop (for ARMA members). Jean shared resources and on-going networking opportunities. The biggest benefit to me is to know that there is help out there in moving forward with our Privacy Impact Assessment responsibilities.”
~~Ellen Sauvé, Parkland County

Comments from other E-course participants:

“Learning about how all the information gathering systems interact was the most valuable part of this workshop”

“Excellent presenter – variety of learning opportunities.”

“Jean is an excellent speaker and I enjoyed the audio seminar you gave today and I learned a lot from your seminar.”
~~Annette T (AHIMA webinar, Three Mistakes in Managing a Privacy Breach”)

“Jean Eaton is one of those ‘critical suppliers' you keep in your email contacts list, no matter what company you manage. She really knows her stuff and delivers prompt, accurate information on time. Her courses are interesting, informative, and I like the opportunity to meet with classmates who have similar challenges.”
~~Kevin Morris, Shape MD, Team Leader/Office Manager

 

Buy e-course

In-Person Workshops Are Now Available 

Are you a hands-on kinda person?

Are you more likely to get things done when you schedule your time for a working meeting?

Would you like help to kick-start your PIA amendment and review with other like-minded clinic managers and privacy officers?

PIA Amendment Workshops are available. Send a request to me and let's set up a workshop near you! You also get full access to the on-line course to support you after the workshop.

 

 

Not sure if the E-course is for you?

Jean will answer your questions in the free webinar, 

 

Prevent Big Fines (or Worse!) for Your Healthcare Practice

How to Plan a Privacy Impact Assessment for Your Healthcare Practice

with Jean L. Eaton
Replay Recorded Live

This webinar is for Privacy Officers, Clinic Managers, Practice Managers and anyone else responsible for doing a PIA.

You will learn what is getting in your way of getting your PIA done!

In this free webinar, you will learn:

  • 5 Manageable Steps of every PIA
  • 3 Biggest Myths about PIA’s that is preventing you from completing your PIA
  • Questions Privacy Officers, Clinic Managers, Practice Managers and Healthcare providers should ask about PIA’s but don’t
  • Biggest fears about doing a PIA and how you can kick it to the curb so that you can finally get it done

Join us for the webinar so that you can plan your PIA for your healthcare practice!

Sign me up for this FREE webinar

Get Free Access Now Arrow

Please provide your email address below and you will be re-directed to the webinar replay right away.

Check your email in-box to confirm your registration!

 Along with your webinar registration, you will also benefit from the occasional Privacy Nugget tips by email of similar privacy resources and articles that you can use right away!

 

Alberta, amendment, breach, employee training, ePIA, ePrivacy, Health Information Act, healthcare, HIA, PIA, PIA process, Practical Privacy Coach, Privacy Impact Assessment, privacy officer training, templates

Balancing Privacy and the Public Interest

Posted on January 30, 2018 by Jean Eaton in Blog

The 2018 Congress is your opportunity to explore leading issues at the crossroads of privacy, access, security, law and technology. Network with peers and colleagues from industry and government to explore this year’s theme — The Road Ahead — Balancing Privacy and the Public Interest. Get a clearer view of how privacy, access, security, compliance, law and technology intersect, and why that matters to you, your career, and your organization.

The PACC Congress takes a refreshingly pragmatic approach.  We think it’s important to offer a truly varied assortment of perspectives and experiences — that offer practical guidance. Speakers from different locations, industries and organizations offer a range of views that are never the same-old, same-old.

The Congress is a unique professional development opportunity. Sessions are longer than at most conferences, and formal presentations are shorter — so that speakers have plenty of time to present their views, and delegates have time to ask questions and get real, unscripted answers. To accomplish that — and because the Congress is about quality, not quantity — registration is strictly limited.

Register now to get Early Bird Rates!

[clickToTweet tweet=”Are you going? 2018 National Privacy and Data Governance Congress. #PACCongress @PACC_CCAP #Privacy” quote=”Learn, share and network at the 2018 National Privacy and Data Governance Congress.”]

Topics Include:

  • The Virtual Fishbowl and the Future of Privacy – Will Artificial Intelligence, Automation, the Internet of Things and Block Chain Technologies Protect Privacy, or Destroy It?
  • Authentication & Beyond
  • Baked In – Not Sprinkled on Top: Practical Privacy Pointers
  • Privacy and Impact Assessment Fundamentals
  • Professional Development Workshop — Breach Response
  • GDRP
  • and more!

Click here to see the complete agenda

 

Continuing Professional Development Credits

The PACC is a membership association and credentialing body for anyone in the field of information access and privacy regardless of their career progression. The Congress has been approved for Continuing Professional Development credits applicable by the Law Society of Alberta, Law Society of Upper Canada, and the PACC Certification Board, and may qualify for CPD credits from other organizations as well.

Join industry experts, risk management professionals, thought leaders and regulatory authorities to explore critical connections between privacy, access, security and compliance. March 6-8,  2018 in Calgary, AB

 

 

Join speakers, delegates and thought leaders with shared interests in privacy, access and security. Colleagues from public and private institutions, federal, provincial and territorial governments, industry, academia and regulatory authorities will meet in a relaxed setting to enjoy workshop, breakout, keynote and plenary sessions.

Congress 2018 takes a refreshingly practical approach. Breakout sessions are longer than at most conferences, but formal presentations are shorter. Speakers offer practical examples and case studies.

Who should attend the National Privacy and Data Governance Congress?

  • privacy officer
  • security officer
  • access and disclosure administrators
  • compliance officer
  • FOIP Co-ordinators
  • human resources manager
  • insurance agents
  • healthcare administrators, health information management
  • medical ethicists and genetics
Register with PACC for the National Congress

You will be directed to the PACC website to register.

The Congress Agenda is now available here.

#PACCongress, compliance officer, FOIP Co-ordinator, National Privacy And Data Governance Congress, Practical Privacy Coach, Privacy and Access Council of Canada, privacy officer, security officer

10 Key Steps To Prevent a Privacy Breach

Posted on January 6, 2018 by Jean Eaton in Uncategorized

Protect your business from errors, omissions, or attacks that could result in complaints, fines and even jail time!

Stop taking privacy for granted and start thinking how you can improve privacy for your business. It doesn't take a lot of effort to improve privacy in a big way.

Discover the top 10 key steps that you can make right away to prevent a privacy breach.

10 Key Steps To Prevent a Privacy Breach
10 Key Steps to Prevent a Privacy Breach

 

 

 

 

 

 

 

Get instant access here

You will also benefit from the occasional Privacy Nugget tips by email of similar privacy resources and articles that you can use right away!

 When we know better, we can do better…

Jean Eaton is constructively obsessive about privacy, confidentiality, and security especially when it comes to the handling of personal health information. If you would like to discuss how I can help your practice, just send me an email. I am here to help you.

Jean L. Eaton
Your Practical Privacy Coach
INFORMATION MANAGERS
Document Management Tip, Practical Privacy Coach, prevent a privacy breach

Should You Change Your Passwords?

Posted on October 26, 2017 by Jean Eaton in Blog

Passwords are everywhere! It is the minimum security safeguard for all our devices – from our computers to ATM banking, to voice mail to security alarms.

But how secure are your passwords?

Passwords that are easy to ‘hack' or guess are opportunities for attackers to access personal or sensitive information or install malware (malicious software).

We are plagued by the necessity to remember a multitude of passwords. Some websites have basic complexity requirements and others do not. Some require you to change your password on a regular basis. We need different passwords for banking, social media, shopping, and just about anything online.

Keeping track of all these passwords can be a nightmare and the worst thing you can do is make them all the same.

One solution is to use a password manager. A password manager is a locally installed software applications that you can have on your computer and your mobile devices. It assists you to create and retrieve complex passwords on demand for all of your on-line (and off-line) user accounts from your Fracebook to your bank accounts.

There are a number of password managers that help store all of your accounts such as Dashlane, LastPass, 1Password, KeePass, RoboForm, Keeper Password, Sticky Password, and True Key.

Your password manager account is controlled by a single strong master password to unlock your “vault” of individual account passwords.

What is the best password manager?

David Papp, Your Tech Expert, knows that technology is the key to getting business done!  

Join us for the Free 15 Day Privacy Challenge for David's recommendations on the best password manager system AND a free tutorial from My NAMS!

We are proud to be a Champion of National Cyber Security Awareness Month #CyberAware #15DayPrivacyChallenge

NCSAM Champion

 

 

 

#15DayPrivacyChallenge, #CyberAware, David Papp, My NAMS, password managers, passwords, Practical Privacy Coach

What is an Information Manager Agreement (IMA)?

Posted on October 25, 2017 by Jean Eaton in Blog

Having a clear agreement of how patient records will be maintained to ensure privacy, security, and confidentiality in a paper based patient record or in a shared EMR database is the objective of an Information Manager Agreement. This may also be called a Data Sharing Agreement, Information Sharing Agreement, or Business Associate Agreement.

Prenuptial Agreement

In a group healthcare practice, have a clear understanding in writing that sets out how patient records will be collected, used, and disclosed during the group practice is critical to the security of the patient information, health service provider information, and good will between members of the group practice. Think of this as the ‘prenuptial' agreement in your business relationship.

Who is an Information Manager?

In Alberta, the Health Information Act (HIA) defines an information manager.  Generally, it is a special kind of an affiliate, usually a business or a vendor, who provides a service that does some specific task (authorized by the custodian) with health information.  This could be a billing agent, accredited billing submitter, outsourced transcriptionist, EMR vendor or other service provider.

If you are using an EMR vendor, the named individuals on the IMA are the only persons that the software vendor can receive instructions on how to manage the records in the database. Often, this is the physician lead and business owner.

Sometimes, the custodian is also the information manager. For example, a physician (custodian) and business owner may assume the responsibility of ensuring the security of all the patient records authored by other custodians in the group practice.  The physician / custodian / business owner / information manager must follow all the rules of the IMA and HIA.

Not every healthcare practice has an information manager.  Some group practices have many information mangers providing different services.  There are many details and options to consider.  The discussion–and then putting it in writing–is the key to positive business relationship and secure records management.

Avoid surprises – and nasty exits

Some tips to prevent surprises:

  • Take a pro-active privacy role and inform patients how their information will be protected during the routine practice operations and when healthcare providers are added to – or leave – the practice.
  • Decide how you are going to decide about the on-going operational changes to how the software will be used in your practice.
  • Identify in the EMR software who is the primary (or default) healthcare provider for each patient. Talk with your software vendor how best to record this.

It’s never too late to start! If you missed creating an Information Management Agreement or Data Sharing Agreement in your group practice, do it now!

See the Digital Resources for samples that you can use.

Infographic_IMA_Patient_Records_Image

Clinic on the Infographic to download

Download our Infographic, “What is an IMA?”

 

 

 

 

 

 

Watch the Video

business arrangement agreement, data sharing agreement, Health Information Act, HIA, IMA, information manager agreement, information sharing agreement, PIA, Practical Privacy Coach, Privacy Impact Assessment

Email Phishing

Posted on October 25, 2017 by Jean Eaton in Blog

Don't get caught on the phish-hook!

Did you know – 1 in 95 emails sent to small and medium sized businesses (SMB) include malware that can include ransomware or other malicious attacks. (source: Symantec)

There are many creative ‘cyber bad guys' who love to trick you into providing your personal information. You need to educate yourself about the kind of scams out there, and take heed to prevent a cyber attack.

Employees are still widely considered to be the weakest link in any security infrastructure,so it’s no surprise that phishing remains so popular and effective. The fact is, good phishing email looks just like regular messages from people we know and care about, and to make matters worse, it can also be difficult to detect.

When it comes to phishing, prevention is the best defense. Investing in employee education and training now can save you a great deal of time and effort further down the line.

Let's look at the most common kinds of cyber assaults:

  • Spam email includes large amounts of unsolicited emails that can annoy you, cause you to waste time, and slow down your internet communications.
  • Phishing emails look like they come from a real company you know and trust. The sole purpose of a phishing email scam is to trick you to go to a fake website that looks real, and enter personal information that gives the attacker access to your data.
  • Spear-phishing is a targeted attack. It looks real because the perpetrators use accurate-sounding information to trick you into providing more of your personal data. The attack may be launched when you open the email or attachment (it looked real, right?), or when you followed an external link. The attackers use malware-compromised systems or credentials to steal data and sell it on the black market.
  • Ransomware is a cyber attack that often uses phishing to access your network. This attack relies on users to make mistakes even if your network has antivirus software installed. The attackers encrypt your computer network (and any backup devices connected to your network) that prevents you from opening any of your computer data. The attackers hold your data ransom until you pay their hostage demands.

Many businesses admit to being attacked. It only takes one person in an organization to open an attack email, and everyone is impacted – possibly by a data breach, definitely by the time and money it takes to contain and report the attack.

It is essential to train your employees to help them identify an attack and prevent a breach.

 

Do you want more tips and resources like these – for FREE?

Join us for the Free 15 Day Privacy Challenge for more tips, tools, and templates that you can use right away!

We are proud to be a Champion of National Cyber Security Awareness Month #CyberAware. #15DayPrivacyChallenge.

NCSAM Champion

#15DayPrivacyChallenge, #CyberAware, cyber secruity, email phishing, Practical Privacy Coach

Top Tips to Improve Your Computer Security

Posted on October 24, 2017 by Jean Eaton in Blog

Think about a medieval castle. A moat surrounds high walls, protected by soldiers behind battlements. There is likely a drawbridge and a portcullis, and slitted windows for archers. These layers of defences keep the castle safer than if the inhabitants rely on only one strategy for defence.

Your computer is no different.

A password-protected computer, for example, may be compromised if you share the password. But if your data is also encrypted, a potential breach can be averted. Like a moat and a portcullis, layers of protection help to make your computer defenses stronger.

Here are some hints to ensure your computer system is well-defended:

  • Purchase business-grade computers. Manufacturers embed additional security features into commercial-grade equipment.
  • If you use multiple operating systems, like Apple mobile devices and Windows-based desktop computers, you need to address another layer of security. Good policies and default settings for one system may not apply to the other. Here is an article about the importance of layers of safeguards when using multiple systems.
  • Create unique user accounts. Make it easy for multiple users to switch users on the same computer instead of sharing passwords.
  • Users should have access to data on a ‘need to know' basis. If your computer network uses shared access to files, decide who needs access (and who does not) to each type of file. For example, everyone should have access to the policy and procedure manuals and forms, but only a few people need access to payroll information.
  • Set permission levels for folders with sensitive information.
  • Review and update the security settings on your wireless router – and change the WiFi password.

 

Do you want more tips and resources like these – for FREE?

Join us for the Free 15 Day Privacy Challenge for more tips, tools, and templates that you can use right away! Hurry – registration closes soon!

We are proud to be a Champion of National Cyber Security Awareness Month #CyberAware. #15DayPrivacyChallenge.

NCSAM Champion

#CyberAware, computer security, Practical Privacy Coach

Do You Have a Website for Your Business or Club?

Posted on October 23, 2017 by Jean Eaton in Blog

If you manage a website for your business or club, you need to ward off hackers with an airtight security system on your website.

From our sponsor, MyNAMS , check out Hacker Attacker with Regina Smola – How to protect your website before and after you have been hacked.

Understand the layers of security needed on your website to protect yourself and your customers.

If you have an online business or a bricks-and-mortar business with a website or social media, these tools will quickly get you from start to smooth sailing.

 

Do you want more tips and resources like these – for FREE?

Join us for the Free 15 Day Privacy Challenge for more tips, tools, and templates that you can use right away! Hurry – registration closes soon!

We are proud to be a Champion of National Cyber Security Awareness Month #CyberAware. #15DayPrivacyChallenge.

NCSAM Champion

#CyberAware, 15 Day Privacy Challenge, computer security, Hacker Attacker, MyNams, Practical Privacy Coach

Secure Computer Backup

Posted on October 22, 2017 by Jean Eaton in Blog

You know that Joni Mitchell song, Big Yellow Taxi? “Don't it always seem to go that you don't know what you've got 'til it's gone.”

This couldn't be more true than when your computer crashes. It's a terrible feeling when your software or hardware suddenly doesn't work, or you can't find an important file you know you had last month. This experience can be a speed bump on your busy day, or a nightmare that takes you days and weeks, and a lot of money, to recover.

Good business practices include having regular backup of your key documents, bookkeeping, website, emails, and databases including your Electronic Medical Record (EMR). If your information is personal or sensitive – to you, your client, or your business – the backup should also be encrypted.

Your backup plan should include a backup of your information in a separate location than the source documents. In case of a catastrophic failure – including bad weather, fire, theft – you can access your key information assets quickly. You could manage the backup yourself or outsource it to a remote backup provider.

Where is your encryption key? 

Your encrypted backup files need a ‘key' or algorithm to de-encrypt the files so that you can read and access the information. Have you kept a copy of the encryption key in the same place as your source documents? Or have you kept the key in a separate location – away from the source documents and away from the backup files? Have you recorded in your disaster plan how to retrieve the key?

Where is your Encryption Key?  Information Managers

Cybersecurity is for all businesses – even if you are not using social medial or have a website! Many small business think that they are too small to be attacked – not true! Not reviewing your security practices and keeping up to date can leave your small business vulnerable to attacks.

Remember to change your clocks for daylight savings time – and get into the habit to review your backup. Check to make sure that it includes all the information that it should and that you can restore the backup to a clean machine.

What will you do to improve your computer backup plan?

Do you want more tips and resources like these – for FREE?

Join us for the Free 15 Day Privacy Challenge for more tips, tools, and templates that you can use right away!

We are proud to be a Champion of National Cyber Security Awareness Month #CyberAware. #15DayPrivacyChallenge.

NCSAM Champion

#15DayPrivacyChallenge, #CyberAware, #NCSAM, computer backup, Practical Privacy Coach, privacy

Email Confidentiality Notice

Posted on October 16, 2017 by Jean Eaton in Blog

October is CyberSecurity Privacy Awareness Month!  Information Managers is celebrating by hosting our annual 15 Day Privacy Challenge.  The 15 Day Privacy Challenge is a fun, no cost educational opportunity on privacy and security.

Privacy Challenge #1

Take a quick look at your email address book: how many Jennifers and Toms do you see? Even uncommon names can show up more than once, and it’s easy to send an email to the wrong person by mistake.

Mistakes happen. But from a privacy perspective, it’s important that our email recipients know what we want them to do should we make an error of this sort. So it’s vital to include some guidelines in the form of a confidentiality notice.

Consider the following elements of a well-crafted confidentiality notice:

  • State your email privacy policy.
  • Encourage the recipient to inform you should an error occur.
  • Thank them for letting you know about any mistakes.
  • State that you believe their privacy is important, and that you will take every step necessary to correct the error to prevent it from happening again.

Does your email signature block and fax cover sheet include these points?

Do you want to enjoy the benefits of the internet without the fear of cyber attacks and privacy breaches? 

Join us for the Free 15 Day Privacy Challenge for more tips, tools, and templates that you can use right away!

We are proud to be a Champion of National Cyber Security Awareness Month #CyberAware.

 

#15DayPrivacyChallenge, #CyberAware, e-mail confidentiality statement, Practical Privacy Coach, privacy
123›»

Search the site

What is the elephant in the room?

The Elephant in the Room Find out here...

Privacy Policy

Thank you so much for the webinar [on Privacy Breach]. It was very informative and thought provoking.

- Sheryl McCormick, Executive Director, Cold Lake Primary Care Network

Register for Free On-line Privacy Breach Awareness Training!

Privacy Policy

Copyright 2020 Information Managers Ltd.