The Rheumatologist
COVID-19 News
  • Connect with us:
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Feed
  • Home
  • Conditions
    • Rheumatoid Arthritis
    • SLE (Lupus)
    • Crystal Arthritis
      • Gout Resource Center
    • Spondyloarthritis
    • Osteoarthritis
    • Soft Tissue Pain
    • Scleroderma
    • Vasculitis
    • Systemic Inflammatory Syndromes
    • Guidelines
  • Resource Centers
    • Ankylosing Spondylitis Resource Center
    • Gout Resource Center
    • Rheumatoid Arthritis Resource Center
    • Systemic Lupus Erythematosus Resource Center
  • Drug Updates
    • Biologics & Biosimilars
    • DMARDs & Immunosuppressives
    • Topical Drugs
    • Analgesics
    • Safety
    • Pharma Co. News
  • Professional Topics
    • Ethics
    • Legal
    • Legislation & Advocacy
    • Career Development
      • Certification
      • Education & Training
    • Awards
    • Profiles
    • President’s Perspective
    • Rheuminations
  • Practice Management
    • Billing/Coding
    • Quality Assurance/Improvement
    • Workforce
    • Facility
    • Patient Perspective
    • Electronic Health Records
    • Apps
    • Information Technology
    • From the College
    • Multimedia
      • Audio
      • Video
  • Resources
    • Issue Archives
    • ACR Convergence
      • Systemic Lupus Erythematosus Resource Center
      • Rheumatoid Arthritis Resource Center
      • Gout Resource Center
      • Abstracts
      • Meeting Reports
      • ACR Convergence Home
    • American College of Rheumatology
    • ACR ExamRheum
    • Research Reviews
    • ACR Journals
      • Arthritis & Rheumatology
      • Arthritis Care & Research
      • ACR Open Rheumatology
    • Rheumatology Image Library
    • Treatment Guidelines
    • Rheumatology Research Foundation
    • Events
  • About Us
    • Mission/Vision
    • Meet the Authors
    • Meet the Editors
    • Contribute to The Rheumatologist
    • Subscription
    • Contact
  • Advertise
  • Search
You are here: Home / Articles / Cyber Safety in the HIPAA Age

Cyber Safety in the HIPAA Age

January 6, 2017 • By Richard Quinn

  • Tweet
  • Email
Print-Friendly Version / Save PDF

maksimkabakou_shutterstock_cybersecurity_500x270Do you share logins and passwords in your rheumatology office? Do you have strict—and enforceable—policies for protecting the information of patients with rheumatic diseases? Do you require staffers to refrain from using personal devices during work? Do you perform background checks on new employees?

You Might Also Like
  • HIPAA Cautions: The Problem with Personal Devices in Medical Practices
  • English Hospitals Divert Ambulances After Ransomware Cyber Attack
  • Legal Updates: Healthcare Data Privacy and Security under HIPAA
Also By This Author
  • What Our Colleagues Should Know: Neurologists & Rheumatologists Must Communicate

If the answers to those questions make you cringe, your rheumatology practice might be in need of a security checkup. Auditing your health IT policies, safeguarding your hardware and educating your staff on the importance of data security should be routine, according to industry experts.

Salahuddin Kazi, MD

Salahuddin Kazi, MD

“You have to be very diligent,” says Salahuddin Kazi, MD, professor of medicine in the Division of Rheumatic Diseases at the University of Texas Southwest Medical Center in Dallas, and chair of the ACR’s Registry and Health IT Committee. “It is very costly when violations occur. Also, physicians need to realize that the vulnerability is not [just] you; it is your staff. … You must embrace data security.”

As witnessed by recent server outages and hacked emails, cyber security is a challenge at all levels of business. Medical practices are especially vulnerable, according to Lee Kim, director of privacy and security at HIMSS, the Healthcare Information Management Systems Society.

Lee Kim

“No one, not even a physician practice with 1–10 doctors, is safe. You can’t just set it and forget it and assume that all your data [are] safe because your [electronic health records] vendor is taking care of that. Unfortunately, it is not true,” says Ms. Kim, who worked as a healthcare attorney for 10 years before joining HIMSS. “You need to be proactive about cyber security. Everyone, frankly, is a target.”

Here are six things experts say you should do—some right away and some as long-term policy—to safeguard your practice.

1. Protect Your Data
Every physician knows violations of the Health Insurance Portability and Accountability Act (HIPAA) come with potentially severe financial penalties. But Dr. Kazi says it still is routine for rheumatology practices to ask new patients to fill out intake forms with sensitive information (i.e., date of birth or Social Security number) and mail or email the forms to the office.

ad goes here:advert-3
ADVERTISEMENT
SCROLL TO CONTINUE

“It is very risky, and I think that it has to go away,” he says. “[Intake forms] must be done within a secure portal, or patients should bring the forms into the office.”

Ms. Kim says that although some people can detect a “phishing” email, no person is 100% immune to all the gimmickry and sneaky scams. She reminds rheumatologists it takes only one wrong click to introduce malware into your network.

Pages: 1 2 3 4 | Single Page

Filed Under: Information Technology, Practice Management, Technology Tagged With: cyber security, data, data management, Health Information Technology, HIPAA, HIPAA compliance, Practice Management, Technology

You Might Also Like:
  • HIPAA Cautions: The Problem with Personal Devices in Medical Practices
  • English Hospitals Divert Ambulances After Ransomware Cyber Attack
  • Legal Updates: Healthcare Data Privacy and Security under HIPAA
  • Email & Text in the World of HIPAA

Simple Tasks

Learn more about the ACR’s public awareness campaign and how you can get involved. Help increase visibility of rheumatic diseases and decrease the number of people left untreated.

Visit the Simple Tasks site »

Rheumatology Research Foundation

The Foundation is the largest private funding source for rheumatology research and training in the U.S.

Learn more »

American College of Rheumatology

Visit the official website for the American College of Rheumatology.

Visit the ACR »

The Rheumatologist newsmagazine reports on issues and trends in the management and treatment of rheumatic diseases. The Rheumatologist reaches 11,500 rheumatologists, internists, orthopedic surgeons, nurse practitioners, physician assistants, nurses, and other healthcare professionals who practice, research, or teach in the field of rheumatology.

About Us / Contact Us / Advertise / Privacy Policy / Terms of Use

  • Connect with us:
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Feed

Copyright © 2006–2021 American College of Rheumatology. All rights reserved.

ISSN 1931-3268 (print)
ISSN 1931-3209 (online)

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.
This site uses cookies: Find out more.