Keep Your Club Out of Legal Hot Water

Posted on August 31, 2016 by Jean Eaton in Blog

It only takes a little time and effort now to dramatically reduce the likelihood of a privacy breach in the future.
My Toastmaster career started as a charter member of Living Legacy Club and past member of New Entrepreneurs Club in Edmonton.

Toastcaster Speakcast for Toastmasters

Recently, I was a podcast guest on Toastcaster Podcast hosted by Greg Gazin.

It was a lot of fun to talk with Greg about how Toastmaster Clubs can quickly and easily build in privacy awareness with their club officers business practices.

We talked about the 3 simple practical tips every club can use to prevent a privacy breach. This works for every type of club – toastmasters, Scouts, soccer team or book club!

Tip #1: Create an inventory of the data (asset) that your club collects and is now responsible to keep confidential and secure.

Use the inventory like a library account – keep track of who has access to the information, and when it is returned.

The club owns this information – they are responsible to keep the inventory information and could be kept with the annual report of the club.

Tip #2: Create a checklist for the orientation of each new club director that clearly tells them of your club's expectations about how they will keep club and member information confidential and secure.

You can use the checklist as part of the orientation package for club members and officers.

Tip #3: Make it easy for club directors and members to keep information confidential and secure.

It’s not always about technology.

But – you do need a method to ensure that the business records of the club – the members’ information, minutes of meetings, financial transactions, contracts and agreements that you have for events – are maintained in a central location.

This could be on paper. This could be on a private shared network where your directors can save and access all of their Club business records.

It should not be on your director’s mobile device which can be lost, damaged or stolen. Emails should not be on personal email accounts which the club can’t retrieve if the Director suddenly moves from town, is ill, or they loose control of that email account. Don’t let your club directors send club emails using their employer's email account!

Tip – You could create a checklist as part of the orientation for each member and director. It includes the clear and firm guidelines to confidentially and securely handle the business of your club – the do’s and don’ts of how to collect, use, and protect the information of members and the club.

Toastcaster Speakcast for Toastmasters

Discover the top 10 mistakes that healthcare practices, small businesses and even your clubs commonly make with confidential information – and what you can do to avoid them.

You can take these easy to implement steps to protect your healthcare practices, small businesses and even your clubs from errors, omissions or attacks that could result in complaints, fines and even jail time!

Download the FREE report that you can access right away!

Greg Gazin, Jean Eaton; Practical Privacy Coach; podcast;, privacy breach, Toastcasters, Toastmasters

Tips to Protect Your Business From Cybercrime

Posted on August 12, 2016 by Jean Eaton in Blog

“Develop and practice a privacy and security breach management plan. Ask to see your vendors' and contractors' privacy and security breach management plan, too.

Prepare for a cybercrime by identifying your risks and mitigate or prevent those risks from happening.”

~ Jean L. Eaton of Information Managers Ltd.
Contributor “Tips to Protect Your Business From Cybercrime”

Independent healthcare practices and small business owners need to know the important tips to prevent cybercrime attacks.

“Tips to Protect Your Business From Cybercrime” will help you to discover over 75+ practical tips from experts and small business owners to help you protect your small business.

Time spent NOW on basic security will prevent privacy breach pain!

[clickToTweet tweet=”Cybersecurity is for all businesses even if you do not us social medial or a website! #PrivacyAware” quote=”Cybersecurity is for all businesses – even if you are not using social medial or have a website!”]

Many small business think that they are too small to be attacked – not true! Not reviewing your security practices and keeping up to date can leave your small business vulnerable to attacks.

Many independent healthcare providers and clinic owners ask,

I'm a small business. I'm not at risk of cybersecurity, am I?
I can't afford to hire a security expert – what can I do to improve cybersecurity for my business?
What should I include about cybersecurity in my training for my employees?

This e-book includes:

Website Security Tips
Finance Security Tips
Back Office Security Tips
Account Management Security Tips

You need to read this immediately to take your cybersecurity to the next level. Get this Free E-book from “Tips to Protect Your Business From Cybercrime“, a Cybercrime Security E-book created by Microsoft and Small Business Trends!

cybercrime, cybersecurity, healthcare, Microsoft, privacy breach, Small Business Trends

Say ‘No’ to Snooping!

Posted on May 7, 2016 by Jean Eaton in Archive

We don't need more cases of people snooping into patient health records.

We do need employers to implement clear privacy policies, privacy awareness training program, implement monitoring and sanctions when employees or contractors break policies and laws.

Employers who don't do this are breaking the law, violating their professional regulations standards, and opening up the doors for the employers to be fined and even jail time.

What are you doing to improve your policies and training?

If you need help, contact me. I will help you to sort out all the good things in your practice, point out where you can improve, and might be able to help you with the heavy lifting to get there. I'll help you to look after the elephant in the room.

Take steps today to make sure your healthcare practice isn't a victim of snooping.

health care, healthcare, privacy, privacy awareness training, privacy breach, privacy laws, snooping

Protected: Happy Hour Cafe – Are You Prepared?

Posted on April 28, 2016 by Jean Eaton in Uncategorized

CLPNA, privacy breach, privacy breach management, privacy breach management response plan, privacy breach reporting, privacy breach response

The Email You NEVER Want to Get: I Have Received a Complaint From a Patient

Posted on February 22, 2016 by Jean Eaton in Blog

“Alice, I have received a complaint from a patient that you may have committed a privacy breach,” said the clinic manager.

You told me what happened. You did not follow our clinic policies and procedures properly when you left messages for the patient about her follow-up healthcare appointments.

I want to work with you to review and improve our office procedures and training so that this does not happen again.

I also want you to take our privacy awareness training. We provide this training for all new employees during orientation. Sometimes we each need a refresher to remind us how we can maintain privacy, confidentiality, and security of our patients’ information each day.

Alice, you are a good employee I believe that you want to do your job better. Privacy of our patients' information is very important. Our policies and procedures help us to ensure that we are doing our jobs well. This is your warning; if this type of error happens again, I will need to take additional disciplinary steps.

If you have any questions, please talk to me, your supervisor or our Privacy Officer.”

Privacy breaches happen.

Healthcare providers are responsible to ensure that employees understand their roles and responsibilities. When a breach happens, we need to contain the breach, correct the problem, and prevent it from happening again.

[clickToTweet tweet=”Do you have an office policy about when and how you should leave telephone messages for patients?” quote=”Privacy awareness training will prevent breaches and may be used as part of the strategy to prevent recurrence.”]

Privacy awareness training happens throughout the year. Informal training that is timely – say, the news item of the latest privacy breach – are great opportunities to reinforce key messages. Use ‘what if that happened to us, what would we do?’ to discuss lessons learned and improve your current practices, if necessary.

Review near-miss privacy and security incidents in your practice. This is the ideal time to discuss and fix potential problems before they become breaches.

The Privacy Officer may create and deliver the training and will monitor, supervise, and support the training.

Use a variety of written and multi-media content like

posters,
newsletters,
videos,
infographics, and
lunch ‘n learn discussions

to reinforce key messages. People love games, challenges, and cyber competitions, too, as a way to create variety and interest in privacy and security.

Privacy awareness training alone won’t guarantee that mistakes or errors in judgement won’t happen, but the healthcare provider and employer are legally responsible to take reasonable steps prevent privacy and security breaches.

Do you have a privacy awareness training program for your healthcare practice?

Let us help you with privacy awareness training on-line and in-person.

discipline, health care, healthcare, healthcare provider, primary healthcare, privacy, privacy awareness, privacy breach, privacy breach sanctions, training

Can You be Charged Under the Health Information Act ?

Posted on December 2, 2015 by Jean Eaton in Blog

If you access personal health information without authorization, this is a privacy breach.

You can be charged with a fine under the HIA and can face penalties, fines, and sanctions from your professional association.

How frequently are people being charged under the Health Information Act in Alberta for improper access to health information?

“This year alone, there has been one conviction and two charges for improper access of health information. The office is also investigating more than a dozen cases, and they all have the potential to become offence investigations.” Medical record privacy breaches an ‘epidemic' in Alberta,' says commissioner CBC News Posted Oct 15, 2015.

An investigation by the Alberta Office of the Information and Privacy Commissioner (OIPC) has resulted in 26 charges being laid against an individual under the Health Information Act (HIA) as reported in a OIPC News Release December 1, 2015. An incident at the Alberta Children’s Hospital in Calgary was reported by Alberta Health Services to the OIPC. The OIPC conducted an investigation and upon completion of the investigation charges were laid against the individual who allegedly gained access to health information in contravention of HIA.

This is the sixth time charges have been laid under provisions of HIA. The maximum penalty for each offence is $50,000.

Who is a custodian?

The custodian (as defined by HIA a ‘custodian' includes physicians, pharmacists, dentists, chiropractors, optometrists, Alberta Health Services, Minister of Alberta Health and more). The custodian is responsible to take reasonable steps prevent privacy and security breaches including providing privacy awareness training.

Do you have a privacy awareness program?

Do you have a privacy awareness program in your practice that everyone must attend? This includes healthcare providers, students, residents, office staff and, yes, even the non-patient care employees like cooks, cleaners, and maintenance staff.

Have you seen this?

Do You Need Privacy Awareness Training for Your Healthcare Practice?

fines, Health Information Act, HIA, privacy awareness training, privacy breach

Privacy Challenge #15 Privacy Breach

Posted on October 29, 2015 by Meghan Davenport in Archive

Privacy Breach

Have you ever received a phone call from your bank telling you that your credit card information may have been compromised or stolen?

Be glad you did. While this kind of call may frighten you and create doubt and cause inconvenience, it is far better to be notified and to solve the problem than to let it persist. And if the bank catches the theft early and calls you to let you know how they have prevented it from happening again, you are likely to thank the bank for looking out for your best interests.

The same thing happens when you suspect that you have a privacy breach at work. You need to stop it, report it, inform the client, and let them know what you are doing to solve the problem. It is never an easy phone call to make, but most of the time the client appreciates your concern.

Privacy Breach – 3 Mistakes in Managing a Privacy Breach

Posted on October 28, 2014 by Meghan Davenport in Past Events

Privacy, Confidentiality, Security for Medical Offices©

Privacy Breach – 3 Mistakes in Managing a Privacy Breach

Privacy is a huge issue for the public right now, and as more businesses, health care practices, and even your grocery store collect more information about you, the risks of having that information stolen, misused, or compromised, are huge.

Having a privacy breach can cost you time, money, and trust of your patients.

Attend this webinar, 3 Mistakes in Managing a Privacy Breach, to help you understand the three common mistakes in managing a privacy breach, and ensure that you and your staff take the right steps to contain, manage, and prevent privacy breaches.

Pssst – if you are a member, click this link for an EXCLUSIVE coupon. Not a member? Become one!

This webinar will teach you:

how to identify a privacy breach
how to notify a privacy breach
how to communicate about a privacy breach

Register for the Webinar!

Privacy Breach – 3 Mistakes in Managing a Privacy Breach

Tuesday, November 4th, 2014 10-11 am MST

Live webinar with Jean Eaton, the Practical Privacy Coach and Practice Management Mentor.

Discussion, resources, and template procedures that you can use right away!

You don’t have to attend LIVE, but you will miss the Q&A! Replays available. Register now!

The Privacy, Confidentiality and Security Series include topics such as privacy awareness, privacy breaches, and email with patients. Seminars last from an hour to an hour and a half, and cover important information for new patient care providers and support staff, as well as practice managers, healthcare providers, or trusted vendors who support healthcare practices. Privacy, Confidentiality and Security© series is hosted by Jean Eaton (the Practice Management Mentor) of Information Managers Ltd.

healthcare, Practical Privacy Coach, privacy breach, privacy breach management

Privacy Breach – 3 Mistakes in Managing a Privacy Breach – Live

Posted on October 28, 2014 by Meghan Davenport in Privacy, Confidentiality, and Security Series Webinar

Thank you for registering for the Information Managers' Privacy, Confidentiality, Security Series event: Privacy Breach – 3 Mistakes in Managing a Privacy Breach.

Please return to this page on Monday, November 4rd at 10 am MST to attend the live event. (Not in MST? Click here to find your timezone)

Countdown:

Replay and Resources: Privacy Breach – 3 Mistakes in Managing a Privacy Breach

Resources and links for additional information.

Date & Time Live: Tuesday, November 4, 2014 10-11 am MST (not in MST? Click here to find your timezone)

After this webinar, you'll understand the three common mistakes in managing a privacy breach, and ensure that you and your staff take the right steps to contain, manage, and ultimately prevent future privacy breaches.

This webinar will teach you:

how to identify your privacy breach
who to inform of your privacy breach
how to handle questions and concerns from your patients

Resources:

Webinar Learning Guide

BONUS! Privacy Breach Awareness Video

Subscribe to Privacy Nuggets

Live Event:

(if you are unable to view the slides below, please click here. If you have any other technical issues, send us an email)

healthcare, Practical Privacy Coach, privacy breach, privacy breach management

Privacy Breach – 3 Mistakes in Managing a Privacy Breach

Posted on June 3, 2014 by Meghan Davenport in Blog, Privacy, Confidentiality, and Security Series Webinar

Privacy Breach – 3 Mistakes in Managing a Privacy Breach

Privacy is a huge issue for the public right now, and as more businesses, health care practices, and even your grocery store collect more information about you, the risks of having that information stolen, misused, or compromised, are huge.

Having a privacy breach can cost you time, money, and trust of your patients.

Attend this webinar, 3 Mistakes in Managing a Privacy Breach, to help you understand the three common mistakes in managing a privacy breach, and ensure that you and your staff take the right steps to contain, manage, and prevent privacy breaches.

Pssst – if you are a member, click this link for an EXCLUSIVE coupon. Not a member? Become one!

This webinar will teach you:

how to identify a privacy breach
how to notify a privacy breach
how to communicate about a privacy breach

Register for the Webinar!

Privacy Breach – 3 Mistakes in Managing a Privacy Breach

Tuesday July 29th, 2014 12:00pm – 1:00pm MST

Live webinar with Jean Eaton, the Practical Privacy Coach and Practice Management Mentor.

Discussion, resources, and template procedures that you can use right away!

Replay will be available for 1 week. Register today!

The Privacy, Confidentiality and Security Series include topics such as privacy awareness, privacy breaches, and email with patients. Seminars last from an hour to an hour and a half, and cover important information for new patient care providers and support staff, as well as practice managers, healthcare providers, or trusted vendors who support healthcare practices. Privacy, Confidentiality and Security© series is hosted by Jean Eaton (the Practice Management Mentor) of Information Managers Ltd.

practice management, privacy breach, template