(4 min read) CQI involves more than just checking reports to make sure that the “red” went away, it’s a continuous process focusing on ...
Ryan Stark | December 11, 2019
(2 min read) EMS agencies are very attractive targets for cybercriminals. But, there are easy steps you can take to better protect your information from a cyber-attack.
Third-party billing companies and ePCR vendors host a lot (sometimes almost all) of our patient data. Ask your vendors the following questions:
Software updates address vulnerabilities that already exist in software. It’s critical to monitor for urgent patches and implement updates before vulnerabilities are exploited. Ask your vendors about updates and how they occur (automatically and how often). If your vendor maintains an open connection to the installed software (a “back door”), ensure that there is a secure connection at the firewall.
Ask your IT folks, “If we got hit with a ransomware attack today, what would we do?”. You need a plan and you need to test that plan periodically. That means making sure you can restore data from backups in a timely fashion and that folks report events immediately to the appropriate individual(s).
Make sure you:
Important data should be encrypted while at rest and in motion. Recommended best practices for encrypting health information can be found at https://www.hhs.gov/hipaa/for-professionals/breach-notification/guidance/index.html.
Ryan Stark is a Managing Partner with Page, Wolfberg & Wirth, and is the firm’s resident “HIPAA guru.” He counsels clients on labor relations, privacy, security, reimbursement, and other compliance matters affecting the ambulance industry. Ryan is passionate about educating EMS professionals and loves collaborating with providers and CEOs alike. He is a featured speaker in PWW seminars and webinars, including the firm’s signature abc360 Conference, where he hosts the abc360 Game Show. Always enthusiastic, Ryan has been invited to speak at many state and regional EMS conferences, as well as national industry events. He is also an adjunct professor at Creighton University in the school’s Master of Science in Emergency Medical Services Program.