Electronics

What Does HIPAA consider to be a Mobile Device?

Posted on July 26th, 2012 by Dexcomm Systems Engineering Department

HIPAA defines a mobile device as any device that allows storage of data on itself by using it’s on-board memory or within the SIM card of a memory chip. Mobile devices can be used to send and transmit data, which may include Protected Health Information (PHI or ePHI) under HIPAA. Sending and transmitting PHI or ePHI through these devices has proven to be risky because of the unique security risks involved.

mobile device

Popular handheld devices include stand alone PDAs like Palm and Apple’s iPod touch, iPhone, Android phones, Blackberry, etc. Also included are tablets such as Apple’s iPad and Microsoft’s Surface. HIPAA requires that PHI be safeguarded against threats to security, integrity and unauthorized use.

For detailed information on HIPAA and Mobile Devices click here for the Dexcomm eBook “Prevent Your Mobile Devices from Causing a HIPAA Violation”.

Easy Data Backup Strategy

Posted on June 14th, 2012 by Dexcomm Systems Engineering Department

Backup 3..2..1

Don’t Skimp on Your Data Backup Solutions

When it comes to technology in your office, performing routine backup is vital in protecting your data. Losing it can be costly, but also jeopardize your business. To ensure your patient information is there when you need it, follow this 3, 2,1 strategy to backing up your data.

Have three copies of your data (one primary/production copy; two backup copies). Primary data can remain on your computer (production) system for daily use.

Store your backups on at least two different types of media such as hard drives, tape, solid state drives, dvd, cd, etc…

Tip: www.secondcopy.com is a great software source for automating your backup strategy.

Store at least one copy of your data offsite. Using cloud services like Dropbox or Mozy is a great online and offsite solution. A less modern alternative is using a safety deposit box.

We hope that these simple solutions will help you protect your data and business. Remember to update your backup copies on a regular basis to keep the information current.

Prevent Your Mobile Devices from Causing a HIPAA Violation

Posted on June 11th, 2012 by Dexcomm

eBook - Prevent Your Mobile Devices from Causing a HIPAA Violation

If you or any member of your staff has or can access 500 or more patient records using a mobile device, it is time to prepare a speech for the media and a check for the Office of Civil Rights because you are at risk for a HIPAA violation.

Or learn how to protect your practice from a PHI breach and get HIPAA required safeguards, along with other time-saving useful resources by downloading and reading your complimentary e-book.

Power Outage Tips for Technology in Your Office

Posted on June 7th, 2012 by Dexcomm Systems Engineering Department

surge protector Many of us who own or work for small businesses don’t always have the option of calling the IT Department every time there is a computer question or issue. The same is true during periods of emergency preparedness. But when havoc strikes, there are several actions you can take to protect your data and technology.

Our Dexcomm expert has put together a few power outage tips to assist you and your business in protecting your assets.

Establish the necessary servers that have to run during your power outage. What is the minimum you can still function with? What can you temporarily work without and what can you not do without?
Ensure that all servers/computers/electronics have surge protectors. In the event of a storm or power outage, this will help buffer the hit to the device. If the computers/servers are being powered by some other source, a surge protector helps filter the power coming in and protects the computer/server.
Use battery backups. The benefit in having the battery backup is it will keep your computer/server up and running in the event of power loss. Some are small and will provide up to 30 minutes of time, while larger ones can give you a few hours. It all depends on how many computer/servers that backup needs to support. The more computers, the faster it drains.
Generate energy. For prolonged power outages, generators are what will keep the computers up and running. A built in generator with automatic failover is the best option but can be expensive. At the very least, keep a few small generators handy as backup. *Remember* something can always fail! Determine beforehand how these generators will need to be hooked up to provide the best power to your equipment. Plan ahead which computers/servers will run off of which generator.
Keep cool! In the event of a power outage, there is no longer cool a/c air to keep your computers at an acceptable temperature. It will get very HOT quickly and the computers can start to shut down due to overheating. Fans are a great way to keep the air cool and circulating, but take into consideration the additional power needed from your generators.

All of these actions work hand in hand. When the power goes out, a battery backup will keep your vital computers up and running long enough to get the generator going. The surge protectors will help filter the power coming in thereby making it safe for your server. The fans will keep everything cool enough to function. But the first and most important action a small business can take to protect their data and technology is planning. Good luck!

Technical Safeguard Tips

Posted on April 11th, 2012 by Dexcomm

If the electronic PHI is stored and transmitted in encrypted form, then how you would handle the security breach drastically changes. Any data can be encrypted. Encryption is a process that converts plain text into cipher text which is unreadable to any unintended entity that has accessed the file without “permission.” It works by using a mathematical algorithm called keys that code and decode the cipher text. This process is performed by computer programs or specific hardware designed for this purpose.

HHS states that any HIPAA compliant entity is not exempt from the breach notification requirements if the entity keeps the keys on the same device as the encrypted data. Ask your vendor before selecting your encryption product. Keys can be stored on a USB flash drive, a key server or be regenerated as needed. For more information visit HIPAA Security Rule FAQ Regarding Encryption. On your computer, programs such as Microsoft® Encrypting File System (EFS) are built-in encryption programs that are easy to use by just changing the properties of the folder. Click here for a full list of programs.

The same protection extends to your mobile devices which should also be password protected. Change your passwords regularly: at least every 90 days. Any EPHI that is utilized or stored on a mobile device must also be encrypted including; accessing a web portal on the mobile devices web browser, SMS/text message, email or images.

Administrative Safeguard Tips

Posted on April 9th, 2012 by Dexcomm

Start by taking an inventory of all of the devices within your practice that are used to access and/or store EPHI. We recommend including what the device is intended for in regards to use/access to EPHI. Make sure to include the operating system the device is using. Remember your inventory will need regular updating depending on changes in employment and system updates. Tip: Set reminders in your calendar.

Review your practice’s policies to make sure they encompass mobile devices. Training and enforcement is, as always, the key to your practice’s success.

HIPAA violations at your fingertips

Posted on April 3rd, 2012 by Dexcomm

The amount of Protected Health Information (PHI) that could be on your employee’s phone is staggering. Access to the protected information can be as easy as unlocking a smart phone. Mobile devices collect and contain PHI such as a patient’s name and phone number or a picture of a patient’s wound while they were in the office for a routine visit. Are you prepared for a situation as simple as a member of your staff answering a call on their cell phone? Who has access to this information? When the employee is at home and their 14-year-old is playing with the mobile device and sees a text message containing PHI, you now have a HIPAA violation and a possibility of the daughter seeing a name she recognizes and placing the information on Facebook, Twitter or any social media they may be associated with.

E-Prescribing: it can save you money

Posted on November 24th, 2011 by Bill

e-Prescribing

Lately, we have put a lot of blogs up about smart phones and how they integrate into the medical community. One of the most important ways that they can make health-care provider’s lives much easier is through E-prescribing. A lot of doctors and health agencies have already implemented some form of sending prescriptions via an electronic service, citing the ease of use and time-saving aspects that electronic prescriptions offer. However, that isn’t all that E-prescription can do for you; it can also save you money.

New governmental initiatives are pushing for modernization of data maintenance across the board in the medical services, including prescriptions. In order to accomplish this, the federal government passed the HITECH Act in 2009. This act offers incentive payments to physicians through Medicare and Medicaid if they use electronic prescriptions for more than 40% of their prescriptions, not including those for controlled substances.

Government incentives are direct ways in which E-prescribing can cut costs. There are, however, many indirect ways that handling your prescriptions electronically can reduce your overhead. The most important of these is in the time saved. “time is money” is a cliché for a reason. Although it may seem quicker to just write out a prescription by hand, this is not the case. In fact, one third of all hand-written prescriptions necessitate a phone call from the pharmacy for clarification. To put this in more stark relief, the Medical Group Management Association estimates that, on average, medical practices receive fifty phone calls a day from pharmacies. These calls are disruptive to workflow, and thus consume time.

Furthermore, E-prescribing makes more efficient use of the physician’s time. Electronic prescription systems contain databases and programs that account for drug interactions and contra-indications, which means that the physician does not have to. Over time, this increases efficiency and productivity, and both add up to dollars saved. In one study, published in 2007, a group practice of thirteen physicians claimed that by transferring their records completely to an electronic format, they saved 1 million dollars in the first year and a half. Considering that this included the cost of implementing the system, that is an impressive saving (especially when you take into account that this does not include the federal reimbursement mentioned above).

For more on E-prescription, read Electronic Prescribing: Building, Deploying and Using E-prescribing to Save Lives and Save Money put out by the Center for Health Transformation. For more information on the HITECH Act, see Electronic Prescription Is Safe And Efficient, However Hurdles Remain.

Can smart phones actually help people?

Posted on November 2nd, 2011 by Noah

eye exam via smart phone

Dexcomm has been in the communications industry since the 1950’s and over that time we have always strived to stay on top of the amazing changes in communications technology. We were the first telephone answering service in the state to be able to receive and deliver emails. We offer sms, email, and fax delivery, web based on call management, and are currently bringing onboard a completely secure and HIPAA compliant smart phone app that will allow medical practices to communicate all their messages in a private and encrypted environment.

Our secure messaging app for smart phones is an one example of great leaps in technology. Another example aimed at helping people around the world is featured in the following video. Netra has developed an app, and cheap ($2) accessory to the smart phone that can provide quick and accurate eye exams. The impact that this development could have for children around the world, in developed and undeveloped countries alike is amazing.

3 Examples of Bio-medical Monitoring with smart phones

Posted on October 4th, 2011 by Noah

iPhone-Portable-ECG-Device

We are all aware of the amazing things that our smart phones are becoming capable of, but did you have any idea of the true scope of their capabilities? One of the most recent and fastest growing segments of smart phone development goes hand in hand with the miniaturization of bio-medical monitoring equipment.

These developments will bring advanced bio-medical monitoring, previously only available in the hospital or with expensive hardware, into the homes of many. The ability to monitor critical health information, and more importantly alert one’s physician to important fluctuations will potentially save lives and dramatically reduce health care costs. The applications are endless, and the advantages priceless.

Following are three examples of what some developers are currently bringing to market.

Withings: The Smart Blood Pressure Monitor, Body Scale, and Smart Baby Monitor

AIRSTRIP Technologies : Healthcare Anywhere

AliveCor : iPhone ECG

Page 1 of 312 3 »

Dexcomm

Your Voice. Heard.