The TDSIT Blog

Don't Overlook Your Print Environment When Implementing HIPAA Compliance

Posted by Tim Stanley on Mon, Mar 20, 2017 @ 11:26 AM

HIPAA_3.jpg

According to the Health Insurance Portability and Accessibility Act (HIPAA), all medical businesses must maintain security of all confidential medical information. HIPAA compliance is the law and it is enforced by the Department of Health And Human Services (DHHS). This includes all devices like printers, fax machines, copiers and workstations. Failure to comply can result in significant fines.

Your print environment can present significant compliance risks. Print device security might be overlooked when a business rolls out HIPAA standards, or if an IT team simply misses critical aspects of printer security.

One well-publicized example occurred in 2010. Affinity Health Plan failed to erase patient data from leased copiers before returning the devices upon the lease term's completion. As a result 33,000 confidential medical records were compromised. The DHHS fined Affinity 1.2 million dollars as a result. 

Here are a few tips to help you maintain HIPAA compliance. Consider:

  • Securing Devices – All print, fax and copiers should be kept secure and only accessible by authorized staff. Track documents when printing and never leave documents unattended in print devices or fax machines.
  • Removing and Erasing Hard Drives – Prior to retiring, selling or returning leased equipment remove any drives and securely destroy all data. Failure to do so can result in legal liability and fines.
  • Authenticating Users and Creating Audit Trails – Password protect workstations and devices to prevent unauthorized access. Use PIN numbers or swipe cards to authorize users and create an audit trail. Administrators should have audit trail capabilities to prevent unauthorized access. Devices should also have an auto-off feature.
  • Data Encryption and Removal – Any data stored on device hard drives should be encrypted using SSL protocols. Your network should also be secure and encrypted. Data stored on drives and devices should be regularly removed or destroyed.

Failure to meet HIPAA standards can result in leaving your business open to legal liability and DHHS fines. Is your company 100% HIPAA compliant, including your print environment? Contact us today and let us help you ensure compliance!

Print Assessment

 

Tags: HIPAA compliance

Medical Practices and BYOD Safety Measures

Posted by Tim Stanley on Tue, Feb 16, 2016 @ 12:13 PM

Medical Practice BYOD Safety Measures, Total Document Solutions, Fayetteville, AR

When physicians enter an exam room, it is frequently with a tablet or phone in hand. Through technological advancements, these personal devices allow physicians instant access to patient history, drug interaction databases and specialist reports, improving patient care both in the office and out. However, without a security policy in place, sensitive and confidential patient information could be put at risk.

A Security Hazard

Many medical offices are permitting physicians and medical personnel to access sensitive patient information on their personal devices. While this is convenient, if not properly protected, these devices can be hacked, exposing sensitive patient information. Some common risk points include a lack of password protection, not installing or using anti-malware software and accessing unsecured Wi-Fi networks. In addition, without proper security measures in place, the office could be found in violation of HIPPA and HITECH regulations and subject to fines.  

The Solution

Taking some simple steps to improve security can have a large impact on patient privacy. As part of your BYOD security policy, you should consider the following regulations:

  • All devices should be protected with a strong password that is changed regularly.
  • Personal devices should be scanned for malware prior to accessing the private network and patient information.
  • Personal devices should have anti-malware scanning software installed to help prevent hacking when on unsecured networks.
  • Use of tracking software that can delete private information if the device is reported lost or stolen.

Personal devices can help improve patient care, and with proper security measures in place, physicians and patients can safely enjoy the benefits of the medical technologies available today.

 

Tags: electronic heath records, healthcare, password security, security, Total Document Solutions, HIPAA compliance, technology trends, BYOD

How Your Medical Office Could Benefit from Managed Print Services

Posted by Tim Stanley on Thu, Jul 11, 2013 @ 08:30 AM

How Your Medical Office Could Benefit from Managed Print Services

There are few things in life more important to us than our health and even fewer people and pieces of equipment that we place enough trust in to monitor everything from colds to cancer.

Once the scans, tests and observations are over though we tend to forget about the inevitable file clean up that ensues.  Our records are updated and all documents are filed, boxed and stored accordingly and as meticulous as we are about ensuring the highest quality of care during our diagnosis, we take relatively little heed of the security of our files.  Though its not necessary to worry about our records every minute of every day it is important to choose a machine that will protect them for us.

A multifunction printer is a far more complicated device than one might assume from its name.  From document management to security, tech support, content management, and print cost savings. It is a one size fits all machine for your office and, most importantly, for your healthcare system.

For the paper-heavy healthcare industry the document management properties of an MFP are essential. An MFP offers high speed and integrated, direct scan to EHR capabilities.  This means that users are provided with a fast, convenient and cost effective method in which makes it easier to manage patients records and deliver them electronically.  The files include diagnostic and business imaging file types integrated directly into the EHR system, for faster and more frequent appraisal by the patients and doctors.

Security is paramount for any healthcare office.  Standard security features on an MFP include: automatic hard disk erase, SSL and network encryption, audit trails and logs of all documents scanned printed copied or faxed on any device. Authentication methods include proximity cards to meet the needs of any doctor’s office, clinic or hospital. These capabilities meet the needs of HIPAA requirements in a cost effective manner.

IT glitches are the bane of any office’s existence. The one-size IT solution packages don’t offer nearly enough support or coverage for most offices. Managed IT solutions from our All Covered offers customized, scalable, end-to-end solutions that include electronic health record infrastructure preparedness, secure access to medical data, streamlined workflow and increased productivity. All Covered Healthcare IT Services group delivers real value for physician practices, hospitals and ancillary care providers. 

As mentioned previously healthcare is a very paper heavy industry. Electronic Content Management (ECM) offers comprehensive document management and a high level of business process optimization. ECM maintains document content from scanned images, electronic documents, forms and multiple file formats and provides intelligent form recognition based on business application usage, workflow rules and unmatched integration with virtually any HIS/EHR or back office system.

In the same vein as ECM is Optical Character Recognition (OCR). The optional DocuShare add-on means that page images can be converted into searchable PDF files, Microsoft Office documents, or simple text files.  This enables the files to be located, viewed, and modified. After processing the images are fully indexed and can be searched based on text contained in the new file.

The results of these capabilities are savings. Cost Recovery integrates with all of the industry’s leading cost recovery systems.  A built-in “Vendor Port” makes integration seamless.  Savings happen in all areas from digitization, to print supply and print job tracking, more effective content management and energy savings with the consolidation to fewer electronic devices.

Click here to find out how your medical office can save up to 30% in print costs in 30 days:

cut print costs

Tags: managed print services, MPS, electronic heath records, healthcare, HIPAA compliance