As part of our HIPAA and Cybersecurity Reviews for Small Practices, we get to see lots of HIPAA mistakes. It’s interesting to spot the similarities across so many different companies. Here are nine of the most common HIPAA mistakes that we see. The scary part is we see them all the time. HIPAA Mistake 1: [...]
Google’s email, calendar, and productivity tools (recently renamed to “G Suite”) are absolutely fantastic. They’re easy to use and very affordable. G Suite is also highly secure, but there are very specific things that you need to do to make G Suite / Gmail HIPAA-compliant. Here are some big ones... Disclaimer: we are not lawyers. [...]
Last week, a nasty ransomware email showed up in my personal Gmail inbox. As free services go, Gmail is pretty good at spotting phishing and ransomware emails. However, they completely missed this one. It wasn't in my Spam folder, and it had none of the warnings from Google that it might be malicious. Here's what [...]
A lot of companies make a huge mistake when it comes to G Suite and HIPAA. They think that all they have to do is sign a HIPAA Business Associate Agreement (BAA) with Google, and they're suddenly HIPAA compliant. Nothing could be further from the truth. Here's the story of Ted (not his real name). [...]
Last week, we were sitting in a conference room with 20 people. These were smart people. All highly educated. They all use computers every single day. We were talking to them about ways to keep safe online. The conversation ranged from phishing to ransomware to staying safe at home. It was fun to be with [...]
Video Transcript Here's what the average person needs to know about WannaCry ransomware. I'm sure you saw the news over the weekend that hundreds of thousands of computers have been hit by WannaCry ransomware. It's all over the place. I'm going to show you a few things you can do to know whether [...]
Thinking about moving some services to the cloud? Is Microsoft Azure HIPAA compliant and suitable for ePHI? A client wanted to use Microsoft Azure as a HIPAA-compliant disaster recovery site, so we took a look. Here’s what we found about Microsoft Azure and HIPAA compliance. Will Microsoft Azure sign a HIPAA Business Associate Agreement? Any [...]
Thinking about moving some services to the cloud? Let’s look at whether Google Cloud Platform HIPAA compliance. We recently helped a medical company evaluate Google Cloud Platform (GCP) as a disaster recovery site. Here’s what we found about Google Cloud Platform and HIPAA compliance. Will Google Cloud Platform sign a HIPAA Business Associate Agreement? Any [...]
If you’re a Windows user, here are five free things you should do right now. These will help you with your HIPAA compliance and reduce the risk that you’ll be hacked. 1) Encrypt your hard drive Use BitLocker, Microsoft’s built-in hard drive encryption utility. You can get instructions here: https://support.microsoft.com/en-us/instantanswers/e7d75dd2-29c2-16ac-f03d-20cfdf54202f/turn-on-device-encryption 2) Take a screenshot to prove your laptop [...]
Many practices want to use cloud storage services and hosted email. Is Google’s G-Suite HIPAA compliant? […]