Electronic storage of medical records has proven to be beneficial for patients, doctors, and the environment, but it does come with potential security issues. Patient records must remain HIPAA compliant, even in a disaster. Patient records can be compromised by a natural disaster like a hurricane or flood, a system failure, or even human intrusion. It happens.
A HIPAA Disaster Recovery Plan is a Compliance Requirement!
A HIPAA disaster recovery plan is not an option, but a requirement, as defined within the HIPAA Contingency Plan standard in the Administrative Safeguards section of the HIPAA Security Rule. Here is what is expected in a standard HIPAA disaster recovery plan:
- A HIPAA-compliant disaster recovery plan must state how operations will be conducted in an emergency and which workforce members are responsible for carrying out those operations. The plan must also explain how data will be moved without violating HIPAA standards for privacy and security.
- It must also explain how confidential data and safeguards for that data will be restored. Although HIPAA doesn’t specify exactly how to do this, it does note that failure to adequately recover from a disaster could lead to noncompliance. Failure to comply exposes officers of the organization to repercussions, such as fines or jail time.
- Organizations must have an administrative authority in charge of managing and enforcing HIPAA compliance rules, regulations and efforts. There should be a clear set of guidelines in place regulating who is and isn’t permitted to access patient information. All access to sensitive data and systems should be monitored.
Meeting all these HIPAA Disaster Recovery plan requirements may seem overwhelming, but mPowered IT can help with different options to help your practice mitigate risks and have a recovery plan.
Why risk noncompliance in a disaster, when you can prevent it? Call mPowered IT. We fully understand HIPAA compliance and ensure your medical office stays within it.
Call 678-389-6200, contact us online, or text IT911 to 72727
YES. In fact, your small business may be targeted specifically because it is small.
Cybercrime targeting small businesses is on the rise. You may not suspect that your business is a target for cybercrime. It is. Hackers are not picky from who they steal from and your business is no exception.
The most common method hackers use is ransomware.
Here are three known ways hackers execute a ransomware attack:
1. After you discover you cannot open a file, you receive an email ransom note demanding a relatively small amount of money in exchange for a private key. The attacker warns that if the ransom is not paid by a certain date, the private key will be destroyed and the data will be lost forever.
2. You get duped into believing you are the subject of a police inquiry. After being informed that unlicensed software or illegal web content has been found on your company’s computer, you are given instructions for how to pay an electronic fine.
3. The malware surreptitiously encrypts the your data but does nothing else. In this approach, the data-napper anticipates that you will look on the Internet for how to fix the problem. The crooks make money by you selling anti-ransomware software on legitimate websites.
Luckily, we are well equipped to prevent ransomware and other cyber attacks. Enforce Managed Security protects your entire network against any type of threat, attack, shutdown or outage — saving you downtime, loss of revenue, lawsuits, and possible collapse.
Call 678-389-6200, contact us online, or text IT911 to 72727
We have all been there.
The moment of sheer panic, followed by dread. An important document goes missing for inexplicable reasons, or your computer shuts down taking your file with it. You remember saving, but as hard as you search, you can’t seem to recover it.
Defeated, you find yourself forced to scramble, push back important deadlines, and explain to your supervisor or client why the meeting, product, or service is going to be late. Everyone loses.
Having a secure backup method for your small business is essential.
Specifically, offsite data backup. A USB drive can easily be damaged or broken and takes time to load each file. CDs are simply outdated. Even automatic once-daily onsite backups are not enough – you could lose a whole day’s worth of data. Having quick access to most recent copies of your files saves time and money.
The best data backup solutions enable you to recover lost data fast, without disturbing your workflow. When there is a crisis, a data backup isn’t a luxury – it’s a necessity.
So what is your network relying on?
Most small business’s backup systems are inadequate, don’t address the most basic backup needs (restore time and restore points) and ignore some of the most common threats to your data.
The mPowered IT Ensure Program provides complete Backup & Disaster Recovery (BUDR) services so whatever disaster occurs to your network, your data is safe and available.
Call mPowered IT BEFORE You Lose Data!
Call 678-389-6200, contact us online, or text BackUsUp to 72727
If you’re like most business owners or managers, you’re paying a monthly fee for an IT service provider to make sure your network works, and you have support and backups in case it doesn’t.
In talking to business owners, we’ve discovered that many of them had learned that issues were not adequately fixed, or that their backup system really did not work. In other words, they were paying for services they were not actually receiving.
Unfortunately, the only way they discovered this was when the day came that something went terribly wrong, and adequate backups were not in place. Data was lost, and the business suffered.
It’s hard to know if your IT service provider is doing their job, especially if you’re not technical enough to even know what to ask. Here are two things you can ask your IT service provider, which will give you a clearer picture:
- When you fix a problem, are you also fixing the root issue? The answer should be yes. If they don’t address the root issues, the fixes will be temporary and the problems will resurface. If your provider is charging extra for service calls or tracking time against your allotted hours, they may not really have an incentive to fix root issues, since they get to bill you when there are problems to fix.
- How often is my network backed up? If the answer is once per day, you have reason to be concerned. That means you could lose an entire day of work if your network crashed – every business transaction, every project, every email. What you need is backups throughout the day, plus a virtual system to work from while your server is being repaired.
At mPowered IT, we work with you as a business partner, so our goals are aligned with yours. It’s much better for you when your network is secure and operating without issues, and it’s better for us too. When you work with mPowered IT, you get what you pay for, and so much more.
Call us at 678-389-6200 or contact us online.
As you probably know, phishing is an evil attempt to gain access to your private information – or to destroy your computer network – by sending an email that appears to be from a legitimate source. Often, these appear to be from a business with whom you already have an account, such as a credit card company, and the email requests that you update your information, and provide a link to do so. Clicking that link is like stepping on a land mine.
But the phishing trend for businesses is to send an email regarding a security threat – to play on your fears of dealing with a breach. As of 2015, 78% of known phishing emails were security related, and they posed as the company’s IT department, or its anti-virus vendor. And, of course, opening the link in that email causes the very breach you were trying to avoid.
Please be aware of this, and remind your employees never to open an email, nor click on a link in an email, without knowing the source. They should always check the sender’s email address – that’s usually a dead giveaway. Instruct you employees, that any email regarding a security issue should be forwarded, unopened, to a designated person in the company who is in charge of network security.
For more information about keeping your business secure against phishing, hackers, outages, and all other threats to your computer network, call us at 678-389-6200 or contact us online.
We ran across this disturbing security trend and wanted to make sure all businesses, especially smaller ones, are aware of it. Most business owners or managers assume that if they have a security breach, they’re going to know about it. They imagine systems failing or some other obvious calamity.
But what’s now happening is, on average, businesses are being “robbed blind” for six months before they become aware of the breach. And, 69% of those businesses only found out because an outsider informed them of it, such as law enforcement or a business partner.
The easiest way to prevent being robbed blind, or becoming a victim of any security threat, is to make sure you have real security measures in place, and those measures are constantly updated and monitored to stay on top of evolving threats. This is hard for small businesses, because it can be expensive to devote resources to network security. But, that’s why we’re here! mPowered IT is designed and priced to support small business. Take a look at how we can secure your business for a fraction of the cost of hiring IT staff.
For more information about keeping your business secure against threats to your computer network, call us at 678-389-6200 or contact us online.
As your Managed Services Provider, we like to educate all our clients on best practices for keeping your business safe from hackers. One of the easiest ways for a hacker to wreak havoc on your computers, is for you or your employees to click a link in an email – without first questioning where it came from. You may think you already know not to open a link that looks suspicious, but the criminals who do this for a living have evolved their tactics, so many malicious links do to appear at all suspicious.
Here’s is an excellent article in USA today that really lays out what to look for, and how to avoid devastating your network with one bad click: Don’t click any link before asking these questions
John Mamon, CEO, mPowered IT
by CW Hall, Business Radio X
Click to hear the podcast
On this episode of Midtown Business Radio I featured two Atlanta area companies that help business from a couple of directions. John Mamon, CEO of mPoweredIT, came by to talk about their outsourced IT solution. He introduced us to Brian Keen, President/CEO of Health Cooperative Strategies.
mPowered IT is an IT support services provider focused on delivering the entire IT value chain to small and medium medical practices and businesses. Offerings include fixed fee IT support, cloud services, backup and disaster recovery, and managed network security.
John shared how he came to starting his service company that enables medical practices and small to mid-sized businesses focus on their core functions rather than spending unproductive time trying to maintain and manage their IT hardware, software, and infrastructure.
Brian Keen, President & CEO, Health Cooperative Strategies
We talked about the fact that for most small- to mid-sized businesses it makes sense to outsource the IT management function in order to maximize reliability of vital IT elements, their security, and compliance, while at the same time, spending less than would be required if they were to hire a skilled expert themselves.
Brian talked about how Health Cooperative Strategies collaborates with associations, chambers of commerce, and other large groups such as GPO’s to create self-funded health plans. In this way, these organizations are able to offer large-group-type health plans that in some cases, equals the benefits and member expense as a 10,000+ employee company.
We talked about how, before the ACA, health plans were able to offer discounted rates to organizations such as these for insuring large, mostly-healthy groups for inclusion in the plan. The recent level of implementation of the ACA changed that, making it impossible for companies participating in exchanges to offer such a discounted, minimal-risk group plan.
Health Cooperative Strategies fills that void. They are able to work with these organizations who seek to provide such benefits to help them create a self-funded plan and/or to combine with other similar groups to forge an even-larger group that helps them offer outstanding benefits for a comparatively low rate.
John Mamon, CEO of mPowered IT on Atlanta Business Radio
by CW Hall, Business Radio X
Click to hear the podcast
This week I sat down with experts from the healthcare IT sector. John Mamon is the CEO of mPoweredIT, an outsourced IT company that devotes expertise to the small to mid-sized medical practice, helping them manage their computer hardware, infrastructure, and software needs for far less than it typically costs to employ someone dedicated to these functions within the practice.
John talked about how often, in an effort to save money, small practices place responsibility for managing these facets on a practice manager, a clinician within the office, or even the doctors themselves. Clearly this can take away from the core function of the office—taking care of more patients.
He shared a number of important concerns that can expose these offices to risk such as HIPAA requirements, downtime of equipment, ACA compliance, and others. Each of these can create significant cost or loss of productivity when small offices attempt to handle things on their own.
mPoweredIT is able to scale their services to the needs of the practice, providing the full suite of IT management or taking over particular elements on behalf of the practice. The company also partners with several other health experts who can provide additional support in areas such as billing/revenue cycle management, EMR selection, and others, to allow their clients to maximize productivity and profitability at the same time.
John introduced us to Harvey Shuster, of Emergence, a Georgia Medical Accelerator. Harvey, a multiple-time entrepreneur, was one of the founders of Peachtree Software among others. He and his team work with emerging healthcare technology companies, helping them to commercialize and bring to market their devices/technologies more quickly.
Harvey brought along Osama Hashmi, CEO/Founder of VitaminC. This company adds an additional layer of automation and engagement to EMR systems. Their software allows providers to contact patients and encourage follow-up visits where appropriate to facilitate care/outcomes while at the same time helping the practice to maximize its potential for seeing patients in need.
VitaminC integrates well with numerous EMR systems and has proven valuable to primary care doctors and specialists such as dermatologists, plastic surgeons, and others.
Technical support and security updates from Microsoft for Windows Server 2003 will end on July 14th.
This means your server will be at a heightened risk for potential attacks and brings in to focus a number of important issues. Check out these three:
Important Issue #1
The hacker community will likely view unsupported systems as compelling targets. The more Windows Server 2003 users that remain after July 14, the greater the risks. Currently, there are millions of businesses running Windows Server 2003. Even the department of homeland security is concerned. Check out what they have to say here.
Important Issue #2
Compliance violations for businesses on version 2003 are imminent. Companies that process regulated data – such as credit card payments or patient medical records – may be out of compliance. This could result in fines, or worse, being cut off from key partners.
Important Issue #3
If you have a security breach, you’re required to report it. A security breach occurs when there is a loss, theft, or other unauthorized access to sensitive information. 47 states now have security breach notification laws, meaning that businesses must immediately disclose a data breach to their customers. If you are breached, how will this impact the trust and integrity of your company? See state laws here.
Let us help you keep your business protected and think through your options. Network security, cloud services, and IT support are our specialties.
Learn more about Network Security for: