Privacy Awareness Week 2019

Posted on May 7, 2019 by Jean Eaton in Blog

Privacy Awareness Week (PAW), an initiative of the Asia Pacific Privacy Authorities forum (APPA), is held every year to promote awareness of privacy issues and the importance of protecting personal information. This year, Privacy Awareness Week is celebrated May 6-10, 2019.

Protect Your Organization and Your Patients

Equip your staff with the information they need to confidently and correctly handle personal health information.

Healthcare businesses need privacy awareness training to support key policies, procedures and risk management programs need a privacy awareness training program.

Reasonable Safeguards

As an employer and health care provider, you are responsible to provide training to all of your employees about privacy awareness.

If you don’t provide the training, or if the employees don’t understand the policies and there is a privacy breach, then the healthcare provider is more likely to be held accountable under the legislation and face penalties including fines and even prison!

Patients value the privacy and security of their information.

Healthcare providers and clinic managers value privacy and security, and they value not having adverse results as a lack of compliance or patient safety issues.

Privacy Awareness Quiz

Patients trust their healthcare providers with their sensitive, personal, and financial information.

If patients don’t feel that the healthcare provider will keep their information confidential and secure, patients may choose not to share their information which may impact their healthcare and treatment.

When we are privacy aware, we can better respond to patients’ questions and build their trust in the quality of services that we provide.

Avoid Fines

On August 31, 2018, amendments to the Health Information Act (HIA) came into force that introduce a fine of not less than $200,000 for a person who fails to take reasonable steps in accordance with HIA regulations to maintain safeguards to protect against reasonably anticipated threats to the security of health information (sections 107(1.1)(a) and 107(7)).

SAY NO TO SNOOPING! If an individual affiliate knowingly breaches the privacy and security of health information, and the custodian can demonstrate that reasonable safeguards (including privacy awareness training) were in place, the individual affiliate can be charged under the Health Information Act. Fines of up to $50,000 per may be applied to the individual in addition to other sanctions from their employers and/or their professional regulatory colleges where applicable. (HIA s.107)

What Will You Do To Be More #PrivacyAware?

Join Information Managers for Privacy Awareness Week! May 6-10, 2019. #PrivacyMatters!

Information Managers would like to spread the message of #PrivacyMatters to raise privacy awareness in healthcare everyday.

Share these resources in your healthcare practice to keep privacy top-of-mind and demonstrate your commitment to privacy awareness!

Privacy Awareness in Healthcare: Essentials

Improve your healthcare practice with privacy awareness education.
#PrivacyAwareness training in healthcare to support key policies, procedures and risk management programs.

Grab this from Corridor Interactive!

Special Privacy Awareness Week Pricing! EXTENDED!

Hurry! Expires soon!

Grab Your Privacy Awareness Training

Download Your Privacy Awareness Quiz!

Common scenarios in healthcare.

Grab Your Quiz

I Heart Privacy! #PrivacyMatters

Print badges for your team.

Or, use the done-for-you sheet of labels that you can print right away and slip into badge holders or print to stickers or labels.

You can even customize the labels and add your business name!

Instant Download Here

Download Your Monthly Privacy and Security Awareness Audit Template

Grab Your Free Privacy and Security Monthly Audit Template

#PrivacyMatters, health, healthcare, privacy awareness, training

Do you want to enjoy the benefits of the internet without the fear of cyber attacks and privacy breaches?

Posted on September 11, 2017 by Jean Eaton in Archive

Is this you?

Paul clicked on a link in an email that encrypted all his data on his computer and now he has to pay a ransom to get the data back.

Mary used her work email address to register for the course, “Ready to leave your job?” Now her boss thinks that she is looking for a new job.

Alice did not follow your clinic policies and procedures properly and she left a confidential message with the wrong patient.

Bob is a new employee and will start his orientation tomorrow.

They each use the internet for their personal lives and as an employee. You need to know the best practices on the internet and how to protect your personal information. It's easy once you know how!

The 15 Day Privacy Challenge is a fun, FREE online educational opportunity on privacy and security that you can use at home or at work. Enjoy the benefits of the internet without the fear of cyber attacks and privacy breaches when you use these practical tips, tools, and resources.

This free online course is ideal for businesses, healthcare practices, or clubs and their privacy officers, employees, and their families.

The course is free – there is no risk to you and you will see that the 15 Day Privacy Challenge is the perfect way to make small changes easily that can improve the privacy and security of your information right away!

We are official champions of the National Cyber Security Awareness Month (NCSAM). October is Cyber Security Awareness Month and Information Managers is celebrating by hosting our annual 15 Day Privacy Challenge.

The 15 Day Privacy Challenge starts October 15th, for fifteen days.

The challenge includes tasks centered on a privacy or security best practice. Each challenge includes a short description about why this practice is important, how to get started, and links to additional resources. Each challenge will take approximately 15 minutes to complete. All activities are online and accessible from any internet enabled device.

[clickToTweet tweet=”Practical #privacy and security tips for home or office – FREE! #15DayPrivacyChallenge #CyberAware” quote=”15 Day Privacy Challenge – Practical privacy and security tips for the internet enabled home and office – FREE!”]

Businesses and healthcare providers are legally responsible to ensure that every employee, contractor, and vendor receives privacy and security training, including cyber awareness. Prevent malicious errors, omissions or attacks that could result in fines and even jail time for the business, healthcare provider, employee, or vendor by being up to date on privacy and security best practices.

Training is the cornerstone of every privacy and security program.

People love games, challenges, and cyber competitions to create variety and interest in privacy and security best practices. The 15 Day Privacy Challenge uses a variety of multi-media content that everyone in your practice can understand. Privacy awareness training alone won’t guarantee that mistakes or errors in judgement won’t happen, but Privacy Awareness Training is your logical first step.

The 15 Day Privacy Challenge starts October 15th, for fifteen days.

The 15 Day Privacy Challenge includes easy to access on-line resources delivered each day. You will have access to all of the resources for one year on the website.

BONUS – access to discussion group with other participants to share your tips.

What People Are Saying

Don't just take it from us, here is what previous participants are saying:

“The 15 Day Privacy Challenge has given me some additional information on day-to-day responsibilities that I hadn't considered until now. Each Privacy Challenge has been so informative and I've been sharing it with our office staff.”

Vera. Alberta Health Services

“The 15 Day Privacy Challenge has made me aware of the policies that my facility needs to update/create!”

Rachel Worthing, CHIM, Ontario Shores Centre for Mental Health Sciences

“The 15 Day Privacy Challenge has given me some great resource information and helped me to identify the areas that I need to work on. I found value in almost all of the Privacy Challenges, but I would say Risk Assessment, Social Media, Email Phishing and Spam, and Confidentiality are the top four.”

Sharon

The 15 Day Privacy Challenges includes:

Posters
Short articles with practical information
Videos
Infographics
Links to additional free resources
Certificate of completion

The 15 Day Privacy Challenge includes practical tips on:

Confidentiality
Privacy Collection
Manage USB Sticks and Mobile Devices
Computer Backup
Computer Security
Spam email, Phishing emails, Spear-phishing
Privacy Officer Education
The Right to Access Your Own Personal Information
Change Your Passwords
Employee Orientation
Social Media
Risk Assessment
Privacy Breach Reporting

At the end of the challenge, you will receive a printable certificate of completion. Successful challengers might also find that this qualifies for CPE credits, too!

You will also have many more tools to add to your privacy tool box!

You can do this yourself or make it a team event. The finished tasks and poster will contribute to your business' Privacy Management Program. Proudly display your poster to your co-workers and customers to show the steps you have taken to manage privacy and security.

The course is free – there is no risk to you and you will see that the 15 Day Privacy Challenge is the perfect way to make small changes easily that can improve the privacy and security of your information right away!

Register right away while this is fresh in your mind! You won’t want to miss a single one!

Yes, I'm ready to take the Privacy Challenge!

Includes the webinar on October 19 – Do Your Club Volunteers Protect Your Privacy?

Along with your webinar registration, you will also benefit from the occasional Privacy Nugget tips by email of similar privacy resources and articles that you can use right away!

#15DayPrivacyChallenge, #CyberAware, #NCSAM, 15 Day Privacy Challenge, healthcare, Practical Privacy Coach, Practice Management Mentor, privacy, privacy awareness, privacy officer, security, security awareness, training

Privacy Awareness in Healthcare: Essentials

Posted on May 15, 2017 by Jean Eaton in Blog, Services, Training

Privacy Awareness Training

As an employer and health care provider, you are responsible to provide training to all of your employees about privacy awareness. If you don’t provide the training, if the employees don’t understand the policies and there is a privacy breach, then the healthcare provider is more likely to be held accountable under the legislation and face penalties including fines and even prison!

Protect your organization and your patients. Equip your staff with the information they need to confidently and correctly handle personal health information. Healthcare businesses who want employee and supervisor level privacy awareness training to support key policies, procedures and risk management programs need a privacy awareness training program.

“Privacy Awareness in Healthcare: Essentials” training is a 2 part, on-line training program for healthcare providers, support team, and vendors to confidently and correctly handle personal health information and to recognize and report a privacy breach.

If You

work in healthcare or social services
are a member of a health profession or work with healthcare professionals
are a business vendor, contractor, or provide services with a healthcare or social services organization

You Need Privacy Awareness in Healthcare: Essentials

You will

Understand patient and client privacy rights.
Respect personal health information and your obligations.
Confidently and correctly handle personal health information.
Use reasonable safeguards to protect personal health information (PHI).
Recognize and respond to a privacy breach
Support key policies, procedures and risk management programs in your healthcare practice.

Interactive Online Learning Experience provided by Corridor Interactive

Corridor Interactive’s Buy Now Training Programs give you access to the most current information available, at your convenience. Complete your course all at once, or in multiple sessions from any location – it’s up to you. All you need is an internet connection and an email address to get started…it’s that easy!

Fits into your schedule – you can start, pause at anytime, and return to the course exactly where you left off.
Easy to use – navigation buttons makes it easy to continue to the next topic or pick and choose the order that you want to see the content.
Get started immediately – the entire course is ready for you!
Work at your own pace – you have access to the course for three (3) months. Most students complete the course in under 2 hours.
You can listen to the narration for each module.
Practical examples, too, to make it easier for you to apply what you have learned in the course to your job.
Links to extra resource material and websites related to your topic of study, to peruse at your convenience.
A printable Certificate of Completion, available as soon as you successfully complete your course.
An audit trail and record of your course activity and training history.
Self-directed learning features including the ability to pause your course at any time and resume later, right from where you left off.
Unlimited access to your course and resources for the duration of your subscription term.
Technical support with a one-business day turnaround for end-user support help and questions.
Automatic emails when you complete your course, or reminders if you have not completed.
This course is pre-approved by the International Association of Privacy Professionals (IAPP) for 2.5 Group A Continuing Professional Education (CPE) credits for CIPP/C, CIPM, and CIPT-certified individuals.

Developed by Corridor’s team of seasoned software specialists and instructional designers, this unique online learning application is the optimum vehicle for delivering learning content.

NEW! Ontario PHIPA Version Available Now!

Privacy Awareness Essentials in Healthcare online training series launches with Ontario PHIPA version during #PAW2017 week May 15-21, 2017. In conjunction with Privacy Awareness Week, Information Managers www.InformationManagers.ca and Corridor Interactive www.CorridorInteractive.com have announced the release of the newest addition of the “Privacy Awareness in Healthcare: Essentials” series with a focus on Ontario’s Personal Health Information Protection Act (PHIPA) legislation. The first on-line privacy awareness training in this series released in 2016 focused on Alberta’s Health Information Act. Many other provinces have health information legislation as well, and while some of the key terms differ from province to province, this privacy awareness training is applicable to any organization that collects, uses, and discloses personally identifying information.

When you purchase the course, select the Ontario or the Alberta version of Privacy Awareness Essentials in Healthcare.

Not sure if the Privacy Awareness in Healthcare: Essentials training is right for you?

Watch this Practice Management Nuggets Webinar interview with Heather Mooney for a detailed look at the online course.

This short video from Corridor Interactive will give you a glimpse into the look and feel of the online course experience.

I'm convinced! Sign me up!

$35 per subscription

Register Now

Give your staff the knowledge and tools they need to apply policy in their day-to-day work AND prevent a privacy breach with privacy awareness training.

Privacy Awareness in Healthcare: Essentials

Protect your organization and your patients. Equip your staff with the information they need to confidently and correctly handle personal health information. Learn basic healthcare privacy principles and how to handle personal health information, use safeguards, and recognize and report a privacy breach.

Along with your registration to the course from Corridor Interactive, you will also benefit from the occasional Privacy Nugget tips from Your Practical Privacy Coach by email of similar privacy resources and articles that you can use right away!

I have used Corridor's Privacy Awareness in Healthcare: Essentials online training program. The course has helped satisfy the training requirements of the Health Information Act. Staff go through the course at their own pace while we monitor to ensure completion.

Luke Brimmage

Executive Director, Aspen Primary Care Network

The online Privacy Training from Corridor Interactive helped EFW in providing consistent and comprehensive privacy training to all of our staff. The information in the modules was presented in a way that was relevant and easy to understand and offered the added benefit of being able to be completed by staff in smaller time periods using the automatic bookmarks. One of the best features was the ability to customize the program and add in links and references to specific EFW Radiology processes and policies. This made the training not just another off the shelf product, but something relatable to our organization as a whole.

Helen Lemieux, CHRP

Director of Human Resources, EFW Radiology

Sounds great! Sign me up!

This self-paced on-line education includes:

Welcome

Introduction to the course
Privacy legislation introduction

Part 1

Understanding Privacy
Privacy Principles
Collection, Use and Disclosure
Roles and Responsibilities
Privacy Breaches

Part 2

Right of Access
Safeguards
What is ‘Personal Health Information’?
Handling Personal Health Information
Post Test to confirm that you understand the key concepts

Certificate of Completion

“When we know better, we can we do better.”

As an employer and health care provider, you are responsible to provide training to all of your employees about privacy awareness. Protect your organization and your patients. Equip your staff with the information they need to confidently and correctly handle personal health information.

I am constructively obsessive about privacy and confidentiality in the healthcare sector–and I think you should be, too! I designed this course to assist healthcare providers, clinic managers, practice managers, privacy officers and independent healthcare practice owners provide practical privacy awareness training that was easy to implement, consistent content, cost-effective and meaningful to your day-to-day business.

When each member of your independent healthcare practice completes this privacy awareness course, you will have clearer expectations and confidence that your team will maintain the privacy, confidentiality and security of your patient’s health information. Give your patients the gift of privacy. Improve your healthcare practice with privacy awareness education.

Jean L. Eaton, Your Practical Privacy Coach Information Managers Ltd.

Frequently Asked Questions

How can I access the course?

The course, Privacy Awareness in Healthcare: Essentials, is available on-line from any internet enabled device. You can use your desktop computer, smart phone or tablet to view the slides and even hear the narration.

How long is the course?

Most students complete the course in under 2 hours. You can start and stop the course at any time. Let's say you decide to take 20 minutes each day to work on the course. You can login and start the course right away. When you come back to the course the next day, you can start right from where you left off. You will have all the modules and the post-test done within 6 days. Don't worry about missing a few days – you have access to the course for a full 3-months!

This is my first job in a healthcare practice. Do I know enough to start the course?

You bet! The course is easy to read and I explain all the terms that you need to know. There are a lot of practical examples, too, to make it easier for you to apply what you have learned to your job.

I've worked in healthcare for a long time. Do I still need to take this course?

You bet! Seasoned professionals like yourself have an extra obligation to share your knowledge with new workers. This course will help you to refresh key principles and suggest wording, examples, and key messages that you can use to train new employees to their specific tasks in the workplace. The course will help you to advocate for the privacy rights of your patients. Unfortunately, we have many examples where trained professionals who “should have known better” make errors in judgement causing privacy breaches that affect our patients, our business, and the reputation of healthcare. Healthcare practitioners and owners have a responsibility to ensure that everyone in the practice receive comprehensive privacy awareness training regularly.

Will I get a certificate of completion that I can give my employer?

Yes – at the end of the course, you will have the opportunity to complete a short on-line quiz to confirm that you understand the key concepts. Then you will have access to a Certificate of Completion that you can download and share with whomever you choose.

Can I get continuing education credits with my professional association?

Maybe! This course is pre-approved by the International Association of Privacy Professionals (IAPP) for 2.5 Group A Continuing Professional Education (CPE) credits for CIPP/C, CIPM, and CIPT-certified individuals. If you are a member of another association and you would like to seek credits from for taking this course, please let us know so we can take steps to request pre-approval.

How much is the course?

The course is $25 per person. Click here to buy it right away.

I think everyone in my healthcare practice should take this course! Can I buy in a group package?

Yes – Privacy Awareness in Healthcare: Essentials is available in group packages, or it can be customized to incorporate your organization’s privacy policy and practices. Employers can monitor the employee’s training progress and receive a report of employee’s satisfactory completion of on-line quizzes. Track annual privacy awareness training through our online platform to demonstrate your compliance with legislation. Contact Corridor Interactive for more information.

I agree that privacy awareness training s important - but I don't work in healthcare. Do you have a corporate privacy awareness program?

While these programs have been developed with health care providers in mind, the privacy principles and fundamentals of protecting personal information are appropriate for any organization that collects, uses, and discloses personally identifying information. Contact us for information about our Corporate Privacy Awareness Program!

Interested in Group Training?

Employers can also purchase training for groups of employees; employees can access the internet based training at a time and location convenient to them. Employers can monitor the employee’s training progress and receive a report of employee’s satisfactory completion of on-line quizzes. Track annual privacy awareness training through our online platform to demonstrate your compliance with legislation.

Email Corridor Interactive to Order Group Training

Corridor Interactive, health care, Health Information Act Training, healthcare, healthcare provider, primary healthcare, privacy, privacy awareness, Privacy Awareness in Healthcare: Essentials, privacy breach, training

How to Prevent Phishing Attacks

Posted on January 27, 2017 by Jean Eaton in Blog

“Hello Dear sir/madam, I have received large sum of money to be transferred to your bank account.Please to email me right away with your account information. Many thanks.”

Ever get one of these emails? We're pretty good at recognizing this kind of scam, but cyber criminals are very clever to find new ways to hijack our personal data.

These kinds of attacks are called “social engineering attacks” and they include “phishing”, “spear phishing”, “pharming” and “vishing“. These attacks exploit human tendencies of wanting to be helpful to people in need, trusting those with some form of authority, or even just being curious or greedy.

By claiming to be a system administrator who needs your password to fix your account, or your credit card company needing to verify your credit card number and expiration date, or someone from far away who will give you millions of dollars as soon as you send him some money first….these are all ways to gain unauthorized access to systems or information in order to commit fraud or identity theft.

It only takes one click!

A phishing scam usually involves an e-mail that encourages a user to click on a link, which could then expose the user’s computer to malicious software. The software can then open the doors to unauthorized disclosure of information, loss of information and/or denial of network service.

We have also seen an increase in the number of ransomware attacks where the attacker, once inside the victim’s system, changes the passwords or encrypts the data from the authorized users’ files. The attacker then demands that the owner pay them to return access to the information.

Last year, the Canadian Revenue Agency was forced to delay the tax-filing deadline because its network was exposed to the Heartbleed bug, which essentially allows unauthorized people to access supposedly protected Internet traffic. A computer-science student in London, Ont., is facing several charges for exploiting the vulnerability created by the bug to access sensitive information. (The Globe and Mail May 14, 2015.)

Don't get caught on the phish-hook!

There are many creative ‘cyber bad guys' who love to trick you into providing your personal information. You need to educate yourself about the kind of scams out there, and take heed to prevent a cyber attack.

[clickToTweet tweet=”Employees are widely considered to be the weakest link in security infrastructure. Be #PrivacyAware” quote=”Employees are still widely considered to be the weakest link in any security infrastructure, so it’s no surprise that phishing remains so popular and effective. “]

The fact is, good phishing email looks just like regular messages from people we know and care about, and to make matters worse, it can also be difficult to detect.

When it comes to phishing, prevention is the best defense. Investing in employee education and training now can save you a great deal of time and effort further down the line.

How Do You Avoid Being a Victim?

Tip – Be secure, be suspicious, be up-to-date.

Instructions

Click the image to download the pdf

Learn more about phishing – The Office of the Privacy Commissioner of Canada has a Top 10 tips to protect your inbox, computer and mobile device.
Educate yourself – and your staff and family– about cyber security awareness. Use the ‘The Realist’s Guide to Cybersecurity Awareness’ from Barkly to help you with ideas on how you can create a privacy and security awareness program.
Print the poster 5 Ways to Help Employees be Privacy Aware.
Use the Family Digital Chores Checklist from ESET-NCSA to remind you to conduct routine digital maintenance at home and at work.
Be suspicious of emails from financial institutions or other organizations hat ask you to provide personal information online. Reputable firms never ask for information in this manner.
Look closely for clues to fraudulent emails like a lack of personal greetings and spelling or grammatical mistakes.
Verify a phone number before calling it – if someone left you a message or sent an email claiming to be from your financial institution, make sure you check that the number is the one printed on the credit card or your bank statement.

Celebrate Data Privacy Day with Information Managers!

[clickToTweet tweet=”Practical #Privacy tips, tools, and resources! Get it before it's gone. #PrivacyAware” quote=”Concerned about your privacy online? The FREE Data Privacy Day E-course makes it easy for you to enjoy the benefits of the internet while protecting your privacy.”]
It's easy, fun and filled with practical tips, tools, and resources!

Click here: Get it before it's gone.

Follow Data Privacy Day around the world using Twitter and #PrivacyAware.

#PrivacyAware, Data Privacy Day, email phishing, phishing, Practical Privacy Coach, prevent phishing attacks, privacy awareness, security

Smartphone Privacy Tips

Posted on January 26, 2017 by Jean Eaton in Blog

Ah, smartphones. The wonderful technology that lets us call, text, email, and Facebook to our heart's content, all while throwing some digital angry birds. What's not to love?

Quite a lot, actually, if you fail to protect your privacy.

Smartphones can store and transmit a wide range of data that third parties can access – such as your contact list, your pictures, and your browsing history. They are also vulnerable to viruses and malware that can compromise your personal information. Many apps that you have downloaded or pre-installed use geo-location, which allows you to be tracked wherever you go. Using Wi-Fi hotspots are a great way to get around paying for data usage on your phone bill, Wi-Fi hotspots can also leave you vulnerable to intrusion.

Wondering if a smartphone is a good idea for your child?

Taylor Tompkins provides step by step instructions on how you can modify your child’s smart phone security settings to help you limit the phone’s applications that meet parental approval and empower your child to use their smartphone responsibly.

For more security tips for your SmartPhone, including a review of apps, how to secure your work email, access your bank from your mobile device, make safe purchases on your mobile, and reduce security breaches see, “Smartphone Security Guidance” (TigerMobiles.com)

Memory Devices Too

Sometimes we forget that our cell phones are memory devices, too. Plugging in your cell phone to a computer USB port might be convenient way to listen to music while you are at work or to charge up your phone – but it is also a way to upload viruses from the phone to the computer or to download data from the computer to the cell phone![clickToTweet tweet=” Don't let employees plug in their phones to your computers at work. #PrivacyAware” quote=” Don't let employees plug in their phones to your computers at work.”]

Do You Use a Digital Wallet?

Using your phone to pay for your purchases is the ultimate convenience. Not surprisingly, it comes with additional risks, too. VISA recommends users to keep “L-O-K” in mind to add extra layers of security to protect your digital wallet. See more details here:

How to “LOK” down your digital wallet

So how do you protect your mobile privacy?

Tip – Secure and protect your phone to protect your smartphone privacy.

Instructions

Secure your phone with a unique password
Protect your phone with security software and update its operating system when prompted
Opt-out of the location service feature – many apps do not need geo-location enabled to work
Limit the type of business you conduct using Wi-Fi hotspots. If you use Wi-Fi frequently, consider using a VPN connection. See the infographic from Point-Bl_nk Communications
Turn off blue-tooth and Wi-Fi roaming; turn it on only when you need it
Help the Good Samaritan return your lost phone; enable your screen lock display with a contact phone number or email to find you.

For more smartphone privacy tips, see Information Managers Data Privacy Day E-course. Get it before it's gone!

Resources

Ackroyd, Brandon. “Smartphone Security Guidance” (TigerMobiles.com) 2015- Dec-14.

Martin, Stacy. “Helpful or Creepy? The Creep-O-Meter Could Help You Find Out” Stay Safe Online Blog 2015-Nov-13.

Tompkin, Taylor. Empowering Your Child to Use Their Smartphone Responsibly, Stay Safe Online Blog, 2013-Jul-16.

See all the Data Privacy Day E-course resources posted each day on our website.

Celebrate Data Privacy Day with Information Managers!

[clickToTweet tweet=”Concerned about your privacy online? Practical tips, tools, and resources! Get it before it's gone. #PrivacyAware. ” quote=”Celebrate Data Privacy Day with Information Managers! Tweet This!”]

Concerned about your privacy online? The FREE Data Privacy Day E-course makes it easy for you to enjoy the benefits of the internet while protecting your privacy.
It's easy, fun and filled with practical tips, tools, and resources! Get it before it's gone.

Follow Data Privacy Day around the world using Twitter and #PrivacyAware.

We are proud to be a Data Privacy Day Champ!

#PrivacyAware, Data Privacy Day, Practical Privacy Coach, Practice Management Mentor, privacy awareness, security, smart phone security, smartphone privacy tips

Why Does Data Privacy Matter So Much?

Posted on January 23, 2017 by Jean Eaton in Blog

Data privacy is important. But the real question is, why does data privacy matter so much?

“Our personal information is built with our data that enriches, defines, educates and connects us. Data tells our story.” M. Dennedy, VP & CPO at Cisco.

Celebrate Data Privacy Day with Information Managers!

Tweet This!

Concerned about your privacy online? The FREE Data Privacy Day E-course makes it easy for you to enjoy the benefits of the internet while protecting your privacy.
It's easy, fun and filled with practical tips, tools, and resources! Get it before it's gone.

Follow Data Privacy Day around the world using Twitter and #PrivacyAware.

We are proud to be a Data Privacy Day Champ!

#PrivacyAware, best practice, Data Privacy Day, Practical Privacy Coach, Practice Management Mentor, privacy awareness, training

Privacy Awareness Training is an Essential Part of Your Employee Orientation Program

Posted on October 25, 2016 by Jean Eaton in Blog

October is Cyber Security Awareness Month! Information Managers is celebrating by hosting our annual 15 Day Privacy Challenge. The 15 Day Privacy Challenge is a fun, no cost educational opportunity on privacy and security.

Privacy Challenge #11 Employee Orientation and Privacy Awareness Training

80% of all privacy breaches are internal to the organization.

Most of these breaches are the result of error or mistakes by employees.

Businesses and healthcare providers are legally responsible to ensure that every employee, contractor, and vendor receives privacy and security training, including cyber awareness. This includes healthcare providers and professional staff as well as volunteers.

Privacy awareness training is the cornerstone of every privacy and security program. Prevent malicious errors, omissions or attacks that could result in fines and even jail time for the business, healthcare provider, employee, or vendor by being up to date on privacy and security best practices.

Employers and healthcare providers must be able to document that training is provided to the employee and that the employee understood the key concepts of the content provided in the training.

A formal employee orientation process will help a new employee to succeed by:

Reduce the anxiety of the new recruit.
Introduce the organization's mission and work.
Explain the organization's culture, including the values, behaviours, formal and informal practices, etc. including expectations of privacy and security of personal information. Set clear expectations of employee’s job performance and day-to-day activities.
Introduce new employee to colleagues, including managers or supervisors.
Create mentors and job ‘buddies' to help ease the new employee into the organization's culture.

Privacy awareness training is an essential part of your employee orientation program.

Do you want to enjoy the benefits of the internet without the fear of cyber attacks and privacy breaches?

Join us for the Free 15 Day Privacy Challenge for more tips, tools, and templates that you can use right away!

We are proud to be a Champion of National Cyber Security Awareness Month #CyberAware #15DayPrivacyChallenge

#15DayPrivacyChallenge, #CyberAware, employee orientation, privacy awareness

Do you want to enjoy the benefits of the internet without the fear of cyber attacks and privacy breaches?

Posted on September 18, 2016 by Jean Eaton in Archive

Is this you?

Paul clicked on a link in an email that encrypted all his data on his computer and now he has to pay a ransom to get the data back.

Mary used her work email address to register for the course, “Ready to leave your job?” Now her boss thinks that she is looking for a new job.

Alice did not follow your clinic policies and procedures properly and she left a confidential message with the wrong patient.

Bob is a new employee and will start his orientation tomorrow.

They each use the internet for their personal lives and as an employee. You need to know the best practices on the internet and how to protect your personal information. It's easy once you know how!

The 15 Day Privacy Challenge is a fun, FREE educational opportunity on privacy and security that you can use at home or at work. Enjoy the benefits of the internet without the fear of cyber attacks and privacy breaches when you use these practical tips, tools, and resources.

This free course is ideal for businesses, healthcare practices, or clubs and their privacy officers, employees, and their families.

The course is free – there is no risk to you and you will see that the 15 Day Privacy Challenge is the perfect way to make small changes easily that can improve the privacy and security of your information right away!

October is Cyber Security Awareness Month and Information Managers is celebrating by hosting our annual 15 Day Privacy Challenge.

The 15 Day Privacy Challenge starts October 14th, for fifteen days.

The challenge includes tasks centered on a privacy or security best practice. Each challenge includes a short description about why this practice is important, how to get started, and links to additional resources. Each challenge will take approximately 15 minutes to complete.

Businesses and healthcare providers are legally responsible to ensure that every employee, contractor, and vendor receives privacy and security training, including cyber awareness. Prevent malicious errors, omissions or attacks that could result in fines and even jail time for the business, healthcare provider, employee, or vendor by being up to date on privacy and security best practices.

Training is the cornerstone of every privacy and security program.

People love games, challenges, and cyber competitions to create variety and interest in privacy and security best practices. The 15 Day Privacy Challenge uses a variety of multi-media content that everyone in your practice can understand. Privacy awareness training alone won’t guarantee that mistakes or errors in judgement won’t happen, but Privacy Awareness Training is your logical first step.

privacy-challenge-information-managers-event-fb-2016-nolink

The 15 Day Privacy Challenge starts October 14th, for fifteen days.

The 15 Day Privacy Challenge includes easy to access on-line resources delivered each day. You will have access to all of the resources for one year on the website.

BONUS – access to discussion group with other participants to share your tips.

The 15 Day Privacy Challenges includes:

Posters
Short articles with practical information
Videos
Infographics
Links to additional free resources
Certificate of completion

The 15 Day Privacy Challenge includes practical tips on:

Confidentiality
Privacy Collection
Manage USB Sticks and Mobile Devices
Computer Backup
Computer Security
Spam email, Phishing emails, Spear-phishing
Privacy Officer Education
The Right to Access Your Own Personal Information
Change Your Passwords
Employee Orientation
Social Media
Risk Assessment
Privacy Breach Reporting

At the end of the challenge, you will receive a printable poster, bragging rights, and an opportunity to win a draw for a small prize basket (Canadian participants, only).

You will also have many more tools to add to your privacy tool box!

You can do this yourself or make it a team event. The finished tasks and poster will contribute to your business' Privacy Management Program. Proudly display your poster to your co-workers and customers to show the steps you have taken to manage privacy and security.

Successful challengers might also find that this qualifies for CPE credits, too!

Register for the 15 Day Privacy Challenge!

The course is free – there is no risk to you and you will see that the 15 Day Privacy Challenge is the perfect way to make small changes easily that can improve the privacy and security of your information right away!

Register right away while this is fresh in your mind! You won’t want to miss a single one!

#15DayPrivacyChallenge, #CyberAware, 15 Day Privacy Challenge, healthcare, Practical Privacy Coach, Practice Management Mentor, privacy, privacy awareness, privacy officer, security, security awareness, training

The Email You NEVER Want to Get: I Have Received a Complaint From a Patient

Posted on February 22, 2016 by Jean Eaton in Blog

“Alice, I have received a complaint from a patient that you may have committed a privacy breach,” said the clinic manager.

You told me what happened. You did not follow our clinic policies and procedures properly when you left messages for the patient about her follow-up healthcare appointments.

I want to work with you to review and improve our office procedures and training so that this does not happen again.

I also want you to take our privacy awareness training. We provide this training for all new employees during orientation. Sometimes we each need a refresher to remind us how we can maintain privacy, confidentiality, and security of our patients’ information each day.

Alice, you are a good employee I believe that you want to do your job better. Privacy of our patients' information is very important. Our policies and procedures help us to ensure that we are doing our jobs well. This is your warning; if this type of error happens again, I will need to take additional disciplinary steps.

If you have any questions, please talk to me, your supervisor or our Privacy Officer.”

Privacy breaches happen.

Healthcare providers are responsible to ensure that employees understand their roles and responsibilities. When a breach happens, we need to contain the breach, correct the problem, and prevent it from happening again.

[clickToTweet tweet=”Do you have an office policy about when and how you should leave telephone messages for patients?” quote=”Privacy awareness training will prevent breaches and may be used as part of the strategy to prevent recurrence.”]

Privacy awareness training happens throughout the year. Informal training that is timely – say, the news item of the latest privacy breach – are great opportunities to reinforce key messages. Use ‘what if that happened to us, what would we do?’ to discuss lessons learned and improve your current practices, if necessary.

Review near-miss privacy and security incidents in your practice. This is the ideal time to discuss and fix potential problems before they become breaches.

The Privacy Officer may create and deliver the training and will monitor, supervise, and support the training.

Use a variety of written and multi-media content like

posters,
newsletters,
videos,
infographics, and
lunch ‘n learn discussions

to reinforce key messages. People love games, challenges, and cyber competitions, too, as a way to create variety and interest in privacy and security.

Privacy awareness training alone won’t guarantee that mistakes or errors in judgement won’t happen, but the healthcare provider and employer are legally responsible to take reasonable steps prevent privacy and security breaches.

Do you have a privacy awareness training program for your healthcare practice?

Let us help you with privacy awareness training on-line and in-person.

discipline, health care, healthcare, healthcare provider, primary healthcare, privacy, privacy awareness, privacy breach, privacy breach sanctions, training

Are They Watching You?

Posted on January 30, 2016 by Jean Eaton in Blog

Smart appliances may be too smart for our own good. Take smart TVs, for instance. As this article illustrates, some of these new appliances are particularly vulnerable to hackers. Once compromised, the TVs allow access to account information, including login credentials (which owners may use for access to more than just their smart-TV account).

Even scarier, hackers could gain access to front-facing cameras to see everything happening in the room where the TV is connected. Instead of you watching your favorite program, criminals may be watching you! This may also apply to Skype webcams, X-box and other games with webcams (Kinect, Wii, PS, etc), laptops and security cameras.

Once the machine is compromised, hackers can stealthily activate its front-facing camera (available on higher-end smart TVs), hijack a Samsung account, steal credentials by presenting fake login pages and infect other applications on the TV with malware.

Your App is Watching

When you download an app, it tells you it can work better or give you personalized offers or other things you might like if you switch Location Services on. For example, a dining recommendations app might offer you a coupon when you walk past a restaurant. Are there other types of apps that might want your location? What types of offers would make it a worthwhile exchange for you? Do you think this is useful or Creepy? For more examples, see “Helpful or Creepy? The Creep-O-Meter Could Help You Find Out” and try the ‘Creep-o-Meter’ activity.

Tools and programs like the Creep-o-Meter can help digital citizens be more privacy aware and own their online presence. Remember these STOP. THINK. CONNECT. tips when you use social media, play online games and engage with other technology platforms and tools.

Share with care: what you post can last a lifetime: Before posting online think about how it might be perceived now and in the future and who might see it.
Learn about and use privacy and security settings on your favorite online games, apps and platforms.
Be aware of what’s being shared: Be aware that when you share a post, picture or video online, you may also be revealing information about others. Be thoughtful about when and how you share information about others.
Personal information is like money. Value it. Protect it. Be thoughtful about who gets your personal information and how it’s collected through apps and websites.

Tip: When you are not using the webcam, unplug it!

How many times a day are you handing over your information?

Instructions

Use a hard wired LAN connection from PC to Smart TV – often more secure than using wireless networking (as wireless is often not installed securely, either).
Unplug the Ethernet cable and/or delete the wireless network connection settings.
Put tape over the camera and inbuilt mic if included, and put a blank 3.5″ plug into any mic input sockets.
Don't allow your Smart TV access to any other devices on your network (laptops, PCs, smartphones, tablets).
Don't log in from your TV to any websites that have sensitive information
DON'T re-use passwords on any other sites, especially not high-value sites like banking or email.

Resource

Privacy for Everyone: Closing the Gap Between the Privacy-Have's and the Privacy Have-Nots Address by Patricia Kosseim, Senior General Counsel and Director General, Legal Services, Policy and Research Branch, (June 2014)

Rebecca Herold (a.k.a. The Privacy Professor) for more tips.

‘Technocreep' author says new technologies have been invading our privacy like never before , CBC interview, The Current with Anna Maria Tremonti and Tom Keenan

WeLiveSecurity. ESET 10 Steps to Staying Secure on Public Wi-Fi. 2015-Sep-02

#PrivacyAware, Data Privacy Day, Internet of Things, IOT, Practical Privacy Coach, Practice Management Mentor, privacy awareness, security, smart appliances