2017 has been another busy year for HIPAA breach investigations, which cost the industry over $19 million in fines paid to the government. Unless radical changes are made across the healthcare industry in the next few months, then the outlook for 2018 doesn’t appear to be much better. In preparation for the year ahead, here […]
According to the 2017 Cost of Data Breach Study, healthcare data breach costs are the highest among all sectors for the seventh year straight. The annual study, conducted by Ponemon Institute and sponsored by IBM Security, reveals that the average cost of a data breach is currently $3.62 million globally, which is actually a 10% […]
When most people hear about HIPAA violations, usually the first thing that comes to their mind is ‘data breach’ – hardly surprising considering how frequently large-scale data breaches occur within the healthcare sector. But while healthcare data breaches have become an unfortunate fact of life, there are a number of lesser known HIPAA violations that […]
The 2017 Data Breach Investigations Report (DBIR) published by Verizon reveals exactly what is happening in the world of cyber security right now. This year’s report is based on analysis of over 40,000 incidents, including 1,935 confirmed data breaches. The report reveals that a large number of organizations continue to rely on the same defense […]
Last month, President Trump signed his long-awaited cybersecurity executive order, titled “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” The aim of the executive order is to modernize the federal IT network and national cybersecurity risk management. While much of the executive order specifically addresses defense law enforcement agencies, a section addresses critical […]
For the past 9 years, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has published all reported breaches of unsecured protected health information (PHI) affecting 500 or more individuals on its Breach portal – more commonly referred to as the “wall of shame” – as required by section 13402(e)(4) […]
Last week, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) published new guidance for covered entities on the correct response procedures following a cyberattack. Titled ‘My entity just experienced a cyber-attack! What do we do now?’ the guidance consists of a quick response checklist and an accompanying infographic to highlight […]
Lack of BAA leads to $31k HIPAA settlement The Office for Civil Rights (OCR) recently announced that The Center for Children’s Digestive Health (CCDH) has paid a settlement of $31,000 to The Department of Health and Human Services (HHS) for potential violations of The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. In its […]
April 22nd is World Earth Day, with this year’s campaign focused on educating people about the environment and climate change. The day serves as an important reminder that we are all responsible for stepping up and doing our bit for the planet. Something as simple as switching from manual fax to cloud fax can massively […]
We recently attended The 2017 HIMSS Annual Conference & Exhibition (HIMSS17), the biggest date in the health IT calendar. Now the dust has settled on this year’s event, we thought we’d share three of the major talking points from the three days we spent in Orlando. Cybersecurity Cybersecurity has long been one the biggest talking […]
A growing number of health providers are looking to mobile devices to improve operational efficiencies and patient health outcomes within their organizations. Yet, according to The U.S. Department of Health and Human Services (HHS), a reported 10% of major health data breaches involve a mobile device. This figure considered, it comes as little surprise that […]
In just under a week’s time, the doors will open to The 2017 HIMSS Annual Conference & Exhibition (HIMSS17), the biggest date in the health IT calendar. Over 40,000+ health IT professionals, clinicians, executives and vendors from around the world are expected to attend this year’s event, which will be hosted in the Orange County […]
It’s no secret that healthcare data is attractive to hackers. Hacking and IT-related incidents make up the majority of compromised PHI, but why exactly has the healthcare sector become such a popular target? Long term benefits PHI is thought to be approximately 10 times more valuable to cyber criminals than credit card data due to […]
As the world becomes increasingly interconnected, technology adoption remains one of the defining factors in the modern healthcare environment. Here are three technologies that will help shape the future of healthcare through 2017 and beyond. Wearables Wearable medical and fitness technology is becoming more common throughout the world, and as more devices enter the market, […]
Implement an efficient incident response plan As the new year is upon us, it’s time to start thinking of some resolutions for the year ahead. Why not try something different this year and set your organization some resolutions based on improving cybersecurity, such as the following: Talk to your employees more Human error is frequented […]
Encryption is the process of converting readable information into indecipherable code, while in transit or storage. Encryption is important because it prevents unauthorized parties from accessing sensitive data or information, which for the healthcare industry in particular, is critical for keeping patient health records private. While no organization is immune to the threat of security […]
Cloud fax is transforming day-to-day workflows for businesses of all sizes across a wide range of industries. As well as helping save the planet (enough of a reason to switch from manual faxing alone, in our opinion), cloud fax services can benefit businesses in a number of ways. While not an exhaustive list, the following […]
Email is a much newer technology than fax, but fax use continues to grow by more than 12% every year. This has left many onlookers confused as fax seems like it should be left in the past – how wrong they are.
New guidance released by Office for Civil Rights (OCR) confirms that cloud service providers (CSPs) that store patient health information must now comply with HIPAA. If you’re thinking, “why only now?”, you’re not alone. Cloud storage is one of HIPAA’s many gray areas, due the fact CSPs have, until now, been able to circumnavigate their […]
Healthcare organizations have generally been slow at implementing appropriate cybersecurity safeguards, positioning the industry as a magnet to cybercriminals. In fact, a recent poll highlights that the majority of U.S. hospitals have fallen victim to at least one ransomware attack in the past twelve months. In recognition of this vulnerability, the Health and Human Services’ […]
Catholic Health Care Services (CHCS), a Pennsylvania based company that provides management and information technology services as a business associate to six skilled nursing facilities, has been ordered to pay $650,000 to settle HIPAA violations connected to the theft of an employee’s iPhone. The incident compromised the PHI of 412 nursing home residents – including […]
Unless you’ve been living under a rock for the past few weeks, you’ll undoubtedly be aware that LinkedIn is back in the media spotlight, and once again, it’s for all the wrong reasons. Back in 2012, the business-oriented social networking platform fell victim to a data breach that resulted in more than 6.5 million of […]
The Sixth Annual Benchmark Study on Privacy and Security of Healthcare Data from Ponemon Institute reveals the leading cause of data breaches for hospitals and medical providers for the second consecutive year is cybercrime. Despite experiencing multiple data breaches of this nature, the majority of healthcare organizations are lacking the resources to effectively manage […]
A few months back, we published a guide detailing some of the “Facts of HIPAA’ that all covered entities and business associates need to be aware of. The HIPAA rules apply to behavioural and mental health in much the same way, but there are a few differences for providers who specialise in these fields. This […]
For Earth Day we’ve created an infographic illustrating the how manual fax machines damage the environment. Switch to Sfax cloud faxing and reduce your environmental impact.
The HIMSS Annual Conference & Exhibition has long been a hotly-anticipated date in the health IT calendar, and this year’s event was no exception. As the dust settles after HIMSS16, we’ve compiled five of the biggest topics of conversation from our five days in the Mojave Desert. Cybersecurity Cybersecurity was a major talking point of […]
The HHS Office for Civil Rights (OCR) has published new guidance on its mHealth Developer Portal, to help app developers determine how HIPAA regulations might apply to the products they are building. The new guide, entitled Health App Use Scenarios & HIPAA, includes six hypothetical scenarios which set out to address the following two questions: […]
There have been a number of high profile data breaches during 2015, particularly in the healthcare sector, but also some significant breaches in other sectors that we felt were worth a mention in this year’s data breach round up. While reported breaches are down by 2.5% YoY, it is clear from the variety of organizations […]
When selecting a HIPAA fax provider, you’d think that companies who state they offer HIPAA compliant faxing solutions would be prepared to sign a Business Associate Agreement (BAA), right? Well, you’d be wrong. Some cloud fax providers don’t sign a BAA. They advertise that they are HIPAA compliant, but according to the HIPAA Omnibus Rule […]
It’s been a long time coming, but according to OCR, the phase 2 HIPAA audits are expected to begin in Spring 2016, so you’ll need to make sure your organization is prepared. With a high number of breaches occurring in the last two years being attributed to a lack of encryption, employee negligence and cyber […]
A simple error made by an employee sending an email to a contracted provider resulted in the unintentional disclosure of the medical records of 3,000 clients of the Community Care Services Program based in Georgia. The Community Care Services Program is responsible for helping people at risk of nursing home placement to remain in their […]
BYOD (Bring Your Own Device) has grown steadily over the past few years, and it is showing no signs of slowing down anytime soon. Devices are able to perform tasks far beyond calling and texting, with healthcare professionals now having access to patient data such as electronic medical records (EMRs), results, pharmaceutical information and a […]
No, it’s not your monitor. Over the next several weeks you will notice a change of color around Sfax from blue to purple. The new purple (Pantone #688 and #689 for you design geeks) replaces the original Sfax blue while still keeping it within a ‘healthcare’ color range. We hope you like it as much […]
If you’re in healthcare, odds are you send and receive faxes on a daily basis. Despite the best efforts of the healthcare exchanges, it’s just too early to solve the interoperability issues that prevent the secure sharing of patient data between EHRs. Here’s a helpful list of safeguards to follow when faxing PHI so that […]
It is accepted wisdom that for its universality, immediacy and security, faxing will remain a part of business life for the foreseeable future especially in industries like healthcare where real-time exchange of documents is critical every day. Those troublesome fax machines and fax servers are being phased out in favor of secure digital fax services. […]
As you may be aware, there have been concerns this month over what have been headlined as ‘critical’ zero-day security flaws for Adobe Flash in the browser. We have seen an enormous amount of press coverage – some of which has been inflammatory and ‘Flash bashing’ for the sake of column inches – rather than […]
Healthcare organizations and other covered entities have an obligation to protect the privacy of the their patients’ ePHI (electronic protected health information). The HIPAA Security Rule requires covered entities and business associates to maintain reasonable and appropriate administrative, technical, and physical safeguards for protecting patients data. As part of this requirement, they must: Ensure […]
Announced in March 2015, ResearchKit is an open-source software framework developed by Apple to aid medical researchers and healthcare organizations in collecting medical information on patients and participants straight from their iPhone or Apple watch. ResearchKit apps created by developers could change the way in which medical research and health monitoring is conducted forever. 1 […]
Business Associates, or BAs, have not been covered by the HIPAA Security and Privacy Rule for as long as the healthcare organizations they provide services to, and this means that some BAs may be unsure of what to do when it comes to being able to handle a data breach incident. No matter the size […]
A webinar to discuss the findings of The Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data highlighted that healthcare data is becoming targeted by criminals more frequently than ever as patient data becomes a high value commodity on the black market. The benchmark study collected information from 90 organizations, including both covered […]
The 2015 Data Breach Investigations Report published by Verizon highlights lost and stolen devices that lack encryption as a major cause of data being compromised across all industries. The report estimates a financial loss of $400 million from 700m compromised records – demonstrating the importance of managing data breach risks. Nearly 80,000 security incidents occurred […]
On April 15 2015, the House Energy and Commerce Committee approved the Data Security and Breach Notification Act by a 29-20 vote. The bill is the first federal rule requiring organizations to inform consumers that their personal information may have been compromised by hackers – and will replace any existing State laws. If passed into […]
The growth in cloud computing has been explosive. In 2010, the cloud computing industry was estimated to be worth $37 billion; by the end of 2015, the global cloud market is expected to reach $121 billion. This increase in cloud adoption is a trend set to continue, with 64% of companies saying they expect to […]
For those looking to ensure their healthcare data is properly protected, it is worth carefully exploring the measures your chosen service implement.
The threat of PHI data being used for criminal activities is expected to grow – 2014 saw numerous high profile breaches, many of them caused by hackers. However, as the move to ePHI continues, healthcare professionals and their business associates have legitimate access to thousands of patient records at their fingertips, and while the majority […]
The adoption of electronic patient healthcare information (ePHI), and the widely reported data breaches throughout 2014 has raised concerns around data security, as more and more organizations shift towards implementing measures that could see paper PHI eliminated completely. This is a particular concern for smaller organizations where implementing HIPAA compliant technologies may be a strain […]
There has been no shortage of HIPAA related controversy this year, so with 2015 just around the corner, we thought we’d roundup news highlights from the past 12 months. Increase in complaints The number of HIPAA violation complaints received by the Department of Health and Human Services continued to increase during 2014. By May 2014, […]
The cost to the environment 1 million trees could be saved every year if 5% of organizations switched to a paperless cloud faxing solution. Conventional fax machines are responsible for consuming more than 200 billion pages of paper each year in the US alone – a single machine uses an average of 5,000 sheets of […]
The demand for home health care is expected to continue to rise over the coming decades as millions of baby boomers begin to retire. The US Census Bureau predicts that by 2030, there will be about 72.1 million older persons in the United States; more than twice the number reported in 2000. Data compiled from […]
How secure is your PHI data? HIPAA (Health Insurance Portability and Accountability Act) are set to begin phase 2 audits in 2015, and OCR (United States Office of Civil Rights) have projected that part of the auditing process will include checking whether all systems and software that transmit electronic PHI (Protected Health Information) use encryption […]
The threat of cyber attacks is a very real concern for healthcare industry leaders. Earlier this year, headlines were dominated by Heartbleed – a security bug which compromised users’ personal information by allowing attackers to access protected information via vulnerable versions of OpenSSL software. The latest headline threat comes in the form of Shellshock. Shellshock, […]
Vast amounts of sensitive information is shared within the healthcare industry every day. Email may sound like the most logical tool for sharing such information – it’s quick, fast and easy to use – but it is also inherently insecure. The most common pitfall of email is quite simply human error – sending sensitive information […]
The phase 2 audits will focus on targeting HIPAA Standards that were sources of high numbers of non-compliance in the phase 1 audits. This may include: Risk analysis and risk management Content and timelines of breach notifications Notice of privacy practices Individual access Privacy Standards reasonable safeguards requirement Training to policy and procedures Device/media controls […]
Following the phase 1 audit, which focused exclusively on covered entities, the phase 2 audit conducted by The Office for Civil Rights (OCR) will also focus on business associates. From a pool of approximately 550 – 800 covered entities, which have been randomly selected from the National Provider Database and America’s Health Insurance Plans databases, […]
A spokesperson for the U.S. Department of Health and Human Services’s Office for Civil Rights has urged entities to remain patient whilst an audit web portal is developed.
The one-year grace period is up! If you haven’t reviewed your Business Associate Agreements in the last year, it’s time to check your documentation.
Don’t make the same mistake as these covered entities! Learn from their mistakes and reduce the risk of a HIPAA breach within your organization.
Between 550-800 covered entities will be reviewed in the upcoming Phase 2 HIPAA audits. Find out what’s changed and who will be affected.
In 2012, the Department of Health and Human Services (HHS) alongside the Office of Civil Rights (OCR) undertook HIPAA audits of around 150 covered entities (CE) to assess adherence to the HITECH Act. Focusing on privacy, security, and breach notification, the comprehensive audits analyzed the processes, controls, and policies of selected CEs to verify compliance. […]
With hacking accounting for just 6% of healthcare data breaches, find out how PHI is being put at risk.
As the second largest HIPAA breach ever reported goes public this week, are you up-to-speed with the different types of data breaches?
Did you know there are 18 different identifiers under HIPAA that constitute PHI? Read on to find out more.
Worried about cost, security or implementation? Don’t be! Moving to cloud fax can save you money and make sure your documents remain fully secure. Find out how.
With each month bringing news of another data breach, it is crucial that businesses work with employees and consumers to ensure personal information remains secure.
Have you undertaken a risk analysis? Don’t leave it too late! Read on to find out how you can work towards HIPAA compliancy.
Have you embraced a BYOD culture in your business? Check out our tips for safeguarding sensitive data this summer.
A shock discovery exposes Concentra as another HIPAA breach is uncovered. Find out more here.
Advancements in technology has changed the way business works. Here’s how you can evolve your business with cloud fax.
Don’t let your personal information, or that of others, fall into the wrong hands – follow these dos and don’ts to help protect sensitive data.
With hacking and security breaches becoming increasingly prevalent, everyone storing private information online needs to take their password security seriously. There is an abundance of information available on creating secure passwords, but it can easily start to feel pretty daunting to try to follow all the rules. Here’s a list of common password tips from […]
Knowledge is power when it comes to efficiently and securing running your business – regardless of size. Empower your workforce, whilst protecting sensitive documents, with these five tips.
Verizon’s Data Breach Investigation Report show Healthcare as top industry for physical data theft and loss. Find out more here.
With cloud fax there’s no need to risk sending sensitive documents by email. Securely send important documents via your mobile or tablet in six simple steps.
Market research confirms a significant increase in EHR adoption amongst solo physicians as cloud technology transforms the Healthcare industry.
Less than 36 hours ago, we learned about a potential security exploit called “Heartbleed” on some websites that use Linux/Apache and OpenSSL to secure customer information. We are unaffected.
Are your vendors taking care with PHI? Here are 3 tips when considering your Business Associates.
With the ‘Digital Government’ focusing on technology it’s more important than ever for professionals to embrace mobile and cloud services. Find out more.
There has been some debate around how long a BA should retain documents containing PHI, as seen in this LinkedIn forum discussion. Some attest that BAs should retain these documents for as short a time as possible while others state regulatory issues that make it necessary to retain these documents for 6 or 10 years.
Under HIPAA ‘covered entities’ must go beyond password protection to protect sensitive information. Find out why here.
Every day healthcare professionals rely on the secure transfer of sensitive documents and data. Find out more about our resolute commitment to HIPAA compliancy.
With BYOD on the rise for healthcare professionals make sure you’re aware of app security risks and to avoid to them.
Whilst manual faxing may be stuck in the 90s cloud fax is here to stay, discover more about cloud fax here.
With patient knowledge of digital privacy falling short, cloud-IT service providers must take responsibility for the security of EHR to protect PHI.
Where do you stand on the health IT ‘digital divide’? Is a lack of financial incentives and technical assistance holding your organization back?
With over 70 breaches added to the HSS Breach Notification Tool since last month, it’s time for healthcare professionals and organizations to make sure HIPAA compliant procedures are in place.
The cloud is becoming an indispensable component of everyday business. Here we discuss considerations for healthcare professionals when it comes to cloud fax and HIPAA.
Cloud-based faxing can help transform productivity, keep your documents secure and help save your business money. Find out how you can revolutionize your business in 2014.
From stolen laptops to programming errors, find out what caused the biggest HIPAA breaches of 2013 and who was responsible.
Whether you’re a small business or a large organization efficiency is crucial for success. Here are five ways you can improve your productivity with cloud fax.
Don’t let misconceptions about fax compromise your business or organization. Here we expose four myths about faxing.
Used correctly both fax and email are undeniably valuable for businesses and organizations, but make sure you’re using the right service at the right time. Find out more.
Start streamlining your business workflow with cloud faxing. Here are five ways in which cloud faxing can benefit your business.
With extensive physical, organizational and the technical measures in place you can rest assured that cloud faxing with Sfax is secure.
Online faxing will save your business more than just money. With its ease of use, immediacy of delivery, and universal accessibility Sfax can help revolutionise your business.
Cut down on pollution with Sfax and save your business money on energy bills, paper and ink costs with online faxing.
The day-to-day running and efficiency of educational organizations is dependent on the sending and receiving of important and sensitive information. Find out why cloud faxing with Sfax is the ideal solution.
Signing and sending faxes from your computer doesn’t need to be hard. Once you’ve chosen an Sfax plan that suits your needs and made your account, you can start faxing following these five simple steps
Discover why online fax is the next step in the evolution of communication. Flexibility and security are just two of the many advantages Sfax has over more traditional communication channels.
As we discovered recently, more healthcare professionals than ever before are turning to smartphones for their day-to-day work.
According to a new HIMSS Analytics report, the exchange of health data in Health Information Organizations (HIOs) is being slowed by the use of paper and traditional fax. Sfax can provide an answer.
According to the study of 1,063 participants, 86% use smartphones, which is up 8% from 78% in 2012. 53% of those studied use tablets at work, compared with 34% in 2012. All participants use laptops or desktop computers, and 47% use all three devices at work.
From small startups to giant corporations, communication is the key to any successful business. Uniting departments and organizations across any distance, fax is a long-standing, reliable method of transferring messages and data. Some may say there is no space for fax in the digital age, but this is far from the truth. Online fax is alive and well, and there are numerous reasons why it is a valuable addition to any company.
Financial institutions constantly deal with a high volume of sensitive information, from individual client accounts to mutual funds, stock brokerage and investment banking. As a result, there are multiple challenges which come with protecting the highly confidential data processed at each level.
With thefts and data compromises happening with alarming regularity around the world, making sure that your data is sent via a secure channel should be your top priority.
In the age of tablets and smartphones, PCs and laptops are being rapidly replaced in the home as well as in the workplace. More and more companies are making use of the portability and flexibility of tablets for day-to-day work, but is it something that workers really want?
Today, Austin-based SecureCare Technologies, Inc. has announced the release of the new mobile app version of its secure cloud fax service, Sfax. The free app, available on iOS and Android devices, allows its customers to manage their faxes ‘on the go’. Sfax for Mobile allows users to securely send, receive and manage faxes from their […]
Manual faxing is fraught with issues and inefficiencies. It lacks in terms of security, with hard copies easily intercepted by third parties, and is costly in terms of employee time and money spent on physical resources.
Whilst businesses across all industries are taking to cloud computing, healthcare providers have been slow to adopt the technology
The results of our latest customer survey are now in! We’ve been working hard to ensure Sfax is best in class, and our customers confirm that our product is one of their favorite for sharing and accessing faxes securely at any time, wherever they are.
One of the main features of Sfax, and one that we often hear from our customers is an extremely useful tool, is the ability to annotate and digitally sign faxes send it on or back to the sender – without the need to print, sign and the scan the paper document.
Switching away from the messy, wasteful practice of manual fax and embracing modern technology will save your business money on energy bills, ink and paper.
There is a growing trend in the business world to ‘digitize’ the office space. This is the act of processing data and documents into a digital format so that they can be accessed by computer.
Cloud faxing provides many clear advantages over traditional faxing solutions and email file transfer systems. Manual fax machines are being abandoned as businesses are increasingly turning to cloud faxing for all of their secure data transfer needs.
Since the August 2009 Breach Notification Rule came into existence it has been clear to everyone just how frequently healthcare and patient data is compromised across the nation. Inappropriate use email continues to be a issue.
We’ve rolled out some great new features and tweaked a couple of things. Permissions We know Administrators and IT Managers need to control what users can do – what specific actions they can take. This is especially important with team working and collaboration and for compliance reasons. We have created the ability for Accounts Admins […]
A new set of HIPAA patient privacy regulations will impact practices and physicians everywhere with stronger legal scrutiny and higher fines in place. The U.S. Department of Health and Human Services (HHS) has updated the final omnibus to enhance the security of patient privacy established by the Health Insurance Portability and Accountability Act of 1996 […]
Choosing the right fax service is important and finding time to properly evaluate the options can be difficult. We have webinars to better demonstrate what Sfax has to offer.
Long-term home care technology commentator, Tim Rowan, took Sfax for a test drive and liked what he found.
We love it when other people review and provide feedback about Sfax. John Lynn, HIT Analyst and author of the open forum and for EMR, EHR and HIPAA-related information, EMRandHIPAA.com, has taken a look at Sfax Driver and Sfax Online. John comments: “..we could talk about the reasons that faxes are so effective and successful, […]
In the highly regulated and litigious world in which we live, sending, receiving or managing sensitive documents and data through email or services that use email can be plain negligent. Unfortunately, many healthcare businesses are transporting Protected Health Information (PHI) and Social Security details by email or services that use email every day because they […]
Find out why, in the highly regulated and litigious world, sending, receiving or managing sensitive documents and data through email or services that use of email is plain negligent.