Employee Fired for Inappropriately Accessing EHR Records

Employee Fired for Inappropriately Accessing EHR Records By Mike Semel Even an ‘Internal Breach’ is a Breach According to an announcement on its website, Alabama-based DCH Health Systems fired an employee for accessing and viewing over 2,500 patient records “without ...

Is this MSP Lying or Just Not Paying Attention?

Is this MSP Lying or Just Not Paying Attention? By Mike Semel If you make promises in marketing—but don’t validate that your team is delivering—you are lying to yourself and risking legal jeopardy. My consulting company  recently received network scans ...

Don’t Use Webmail or Text Messages for Patient Info

Don’t Use Webmail or Text Messages for Patient Info  Definition Webmail includes the free mail services available on the Internet, like Gmail, Yahoo! Mail, Hotmail, etc. plus free e-mail accounts you may receive with an Internet service from Verizon, Time-Warner, ...

FTC Charges Company Displaying HIPAA Seal with Consumer Fraud

FTC Charges Company Displaying HIPAA Seal with Consumer Fraud Don’t make the same “stupid marketing mistake.” You may have heard me speak or write about the risk of businesses using phony HIPAA compliance seals in their marketing. My warnings were ...

The U.S. Government Just Warned Businesses About You

The U.S. Government Just Warned Businesses About You Here’s how to use that as a marketing tool by showing managed services clients you’ve adopted CISA’s security recommendations. On September 2, the Cybersecurity and Infrastructure Security Agency (CISA), part of the ...

DOD Announces Major CMMC Changes

DOD Announces Major CMMC Changes CMMC 2.0 reduces the levels within the program from five to three, but there is still a big opportunity for MSPs. As predicted, on November 4, the United States Department of Defense (DoD) announced major ...

HIPAA Business Associate Qualifying Questions

HIPAA Business Associate Qualifying Questions Do You Believe the Vendor Is a Business Associate? The vendor: Provides a service that requires them to view patient information.  Provides a service that requires them to store patient information. It does not matter ...

Why Manufacturers and Service Providers Must Comply with HIPAA

Why Technology Manufacturers, Service Providers, Help Desks & Managed Service Providers Must Comply with HIPAA  HIPAA  The Health Insurance Portability and Accountability Act (HIPAA) requires that electronic Protected Health Information (ePHI) be secured against loss or unauthorized access. Business Associates  ...

When HIPAA Becomes Criminal

When HIPAA Becomes Criminal By Mike Semel Former Hospital Employees Accused of Selling Patient Information Five former employees of Methodist Hospital in Memphis, TN, including a recently-licensed Registered Nurse, were indicted by a federal grand jury for allegedly selling medical ...

Compliance: The More You Know, The More You Earn

Compliance: The More You Know, The More You Earn Getting up to speed on state and federal regulations isn’t as hard as it seems, and the payoff for you and your clients is huge. TRUE STORY: COMPLIANCE helped me sell ...