info@qualityplusconsulting.com l +1 262-553-6510

QPC podcasts have moved

Please forgive our old content here while we reorganize and redo our old website.

All new QPC podcasts are hosted on a more convenient platform for all of us.

Please visit https://qpcsecurity.podbean.com where you can use the Podbean mobile app, stream directly from the site, and sign up for the RSS feed.

Breakfast Bytes - Medical Offices Have No Security

 


5/15/2010

All of this data is fully applicable in 2014.

Hospitals tend to have security, but small practitioners and private practices frequently don't take security seriously. If you have ever used the services of a medical office, you should listen to this show.

A simple test you can use to tell whether or not the medical office you visit has security has to do with your x-rays. Ask them to email your x-rays to you. If you receive the email fully encrypted with the x-rays attached, then they likely have good security. If you receive an email that is not encrypted, then it is HIGHLY likely that office has insufficient security and is in violation of HIPPA regulations.

Additionally, if the medical staff attempt to photocopy or scan your driver's license, then they do not understand the Red Line Rule. There is another whole Breakfast Bytes show on the Red Line Rule.

NEVER let them photocopy you driver's license. Virtually none of these copiers have an encrypted hard drive. And never let them scan your driver's license. They have no legal basis for their desires. The Red Line Rule simply states that they must verify your identity IF you are using insurance in order to prevent insurance fraud. They do not need to copy your identity card to verify your identity.

Most medical offices do not even have HIPPA-compliant hardware-based firewalls. They also allow wireless on the same network as the practice management database. This leaves the practice management database wide open for hacking.

Listen to the show for examples and more details about security violations.

Linkedin