TMC Security Scout on Phishing

security scout doctor compliance

Of all the known cyberattacks that cause a data breach, phishing is the most expensive to remedy. A successful phishing attack most commonly reveals usernames and passwords, which paves the way to the data breach resulting in an average cost of $4.9m for victim organizations worldwide. The costs remain the highest in the healthcare industry […]

ALERT – Phishing Campaign

evernote phish 2

These phishing emails are targeting healthcare providers. The email has a subject of “(Victim Organization) (Date) Business Review” and utilizes a Secure Message theme. Inside of the email is a malicious link that takes the recipient to an Evernote site that looks like it belongs to the Victim Organization. On that site is an HTML […]

OCR’s COVID-19 Enforcement Discretions

Throughout the COVID-19 public health emergency that began in January of 2020, the Office for Civil Rights has issued several notifications of enforcement discretion for certain aspects of the HIPAA rules. This means that, for the topics covered, the OCR will not impose penalties for noncompliance with the HIPAA rules as long as the covered […]

Navigating Social Media, Online Reviews, & HIPAA

social media

No one likes a bad review. It is much more common for an unsatisfied customer to post a negative review than it is for a happy customer to post a positive review. Most business advice sites recommend responding to both good and bad reviews because it helps resolve issues and actually wins back customers. However, […]

Your Patients’ Right of Access

The HIPAA Privacy Rule grants patients the right to access their health information in a way that is easy and affordable for them. Providers are required to give patients access to their health information. There are some exceptions, of course, so getting the process right can be as confusing as being in a house of […]

Beware of Malware Lurking in PDF Email Attachments

Beware of Malware Lurking in PDF Email Attachments

Most malware that is delivered as an email attachment is usually a Word (.docx) or Excel (.xlsx) file. Cybersecurity threat analysts have recently discovered that PDF attachments are now becoming more popular to distribute malware. Since many people have been trained to be suspicious of opening Word and Excel files, they are not as cautious […]

ADA Cybersecurity Attack

In the past week the American Dental Association has confirmed that they fell victim to a cybersecurity event. There is a banner posted on the home page of the website alerting their members of this continuing situation and asking for their patience as the issue is resolved. News outlets are consistently reporting the following information […]

Your Patients’ Right of Access

The HIPAA Privacy Rule grants patients the right to access their health information in a way that is easy and affordable for them. Providers are required to give patients access to their health information. There are some exceptions, of course, so getting the process right can be as confusing as being in a house of […]

SUBPOENAS 101

subpoenas

Your practice has received a subpoena for client records. What do you need to do? Don’t panic. This is not unusual. There are several things you need to know up front. Read the entire subpoena carefully to determine who is asking for the information and, exactly what information you need to send. Never send more […]

HIPAA AND BATTLING PARENTS

Dealing with a minor’s medical records can be a minefield when a child is from a blended family or the parents have a contentious divorce going. Things get especially sticky when you add in stepparents and grandparents, and when a minor controls all or a portion of their own records. It’s a good time to […]