Doctor Data Hackers or Doctor Data Losers?

PeterWallace

The other week I went to the family doctor and was a bit surprised that everyone working there was walking around using IBM ThinkPad’s. Gone are the days of paper charts! (ok so it’s been a bit since I was at the doctors) It got me to thinking just how safe was my information? At check in they asked for my social security number and also for my driver’s license. On questioning why for the social security number I was told they really did not need that but they ask so they can look you up with it. The Drivers License they wanted to scan so that they would not have to ask me for ID each time I can there. Guess what they got neither as I’m willing to be ID each time I come. They were on a wireless network and all notes and information was entered in the computer.

I did some research and found out the U.S. Department of Health and Human Services that controls the HIPAA Privacy Rules has requirements that “by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals.” Me being the geek that I am just needed to look at the data and see how can this information get out? Hacking into systems? Employees being careless? Companies being Carless? 288 HIPAA breaches were reported since September 9 2009 with some surprising results.

More than 49% of the breaches was caused by physical theft! Only 6% (18 cases) was caused by hacking a computer or network. Wow human error and not being careful with our information is costing us our information being out there. Losing a laptop with Medical patient information happened 14% of the time. Hmm those ThinkPad’s all the staff was carrying around at my doctors office, how many times did the lay them down? 16% of the cases were unauthorized access and 5% was improper disposal. About 9% of the incidents involved a combination of breaches.

Some really scary numbers there as when you see the doctor that is the last thing on your minds. Is this new wave of devices into the exam room ready for the security, tech support and infection control of today’s networks? For now I’ll make them ask for my ID each time and take some time finding my records.

For the actual list information feel free to review: http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html

fish hook

Catching the Big Phish

By Eberly Systems September 20, 2024
We're all in the same boat trying to avoid cybercrime! Here's our top ways to identify a potential phishing attempt.

Key Notes from the Security Team: Q3 2024

By Eberly Systems September 10, 2024
Focus on integrating with new team members and new customers

Key Notes from the Security Team: Q2 2024

By Eberly Systems July 9, 2024
Keeping you abreast of security news

Eberly Systems Acquires Lebanon County LYLAB Technology Solutions

By Eberly Systems May 2, 2024
West Lawn, PA, May 2, 2024 — Eberly Systems , the West Lawn-based managed IT services and managed voice provider, today announces its acquisition of the Lebanon-based LYLAB Technology Solutions. Eberly Systems seeks to further a movement of people who are motivated and equipped to make a difference in their world through their daily work. They believe in building lasting partnerships based on trust and transparency while delivering industry-leading solutions to support and protect critical business assets. Driven by the principles of people, excellence, integrity, and stewardship, the team prides itself on partnering with companies to securely, reliably, and efficiently grow their businesses. “We cannot be more excited to join forces with the LYLAB team,” comments Kordel Eberly, Eberly Systems President & Founder. “ The integration of LYLAB Technology Solutions into Eberly Systems solidifies our commitment to providing small businesses with unparalleled service and support. We’re proud of this new opportunity to carefully design and manage the IT infrastructure and systems of even more local businesses and communities.” The acquisition solidifies the Eberly Systems commitment to supporting businesses in Lebanon County. Merging the two teams together as one entity offers the collective team the benefit of enhancing capabilities, refining processes, and extending reach to better serve the evolving needs of small businesses in the surrounding area. Future plans include expanding their presence into Lancaster County.
computer help with IT support

Navigating Small Business Success: The Power of IT Outsourcing for SMBs

By Eberly Systems January 16, 2024
A trusted MSP can be your invaluable strategic partner.

Enhancing Business Security and Productivity with Microsoft Office 365

By Eberly Systems January 2, 2024
These 5 key features of Office 365 Business Premium make it essential for businesses to have.
set of keys

Key Notes from the Security Team: Q4 2023

By Eberly Systems December 19, 2023
Eberly Systems has been hard at work over the last year in a concerted effort to enhance the security posture of our clients’ information technology environments. Here are the quarterly updates.
construction site

Customer Success Story: Construction

By Eberly Systems July 3, 2023
After years of steady growth, the workforce at a construction development and property management company was becoming increasingly frustrated by disorganized data. Eberly Systems deployed a hybrid cloud storage solution for efficiency and secure data access.

SharePoint File Storage & Sharing Best Practices 

By Nate M. June 1, 2023
SharePoint file storage has both features and limitations that you should be aware of while storing and accessing files. Here's a rundown.

Best Practices for Creating Passwords in 2023

By Nate M. January 5, 2023
These are the Eberly Systems recommendations for creating good passwords in 2023.
More Posts