Contact Us Schedule A Demo
Healthcare

HIPAA may be twenty-two years old but the HIPAA Security Rule—which assures the security of confidential electronic patient information—hit its twenty-year mark just this year.  HIPAA was signed into law in 1996 to protect Americans from losing health insurance coverage when changing jobs or dealing with a lay off and to protect the privacy and security of individual health information. Rules that govern HIPAA’s implementation requirements include the Privacy Rule and the Security Rule, which followed the initial rule 2 years later, issued in 1998.

0

Security

Being on the hook for free services to friends and family members is a well-known risk for many professionals. Doctors get called in the middle of the night to see sick nieces and nephews, attorneys advise their siblings on traffic violations and airline employees are hunted down by everyone for those free standby certificates. But as a technology professional, I can say that we have it arguably worse than anyone else; “Can you set up my Wi-Fi?”,  “Do I have enough encryption?” And if you think that the barrage of requests is not bad enough, you haven’t heard the complaints! “That phone broke within three months!”, “I dropped my router while dusting and now my WiFi is out!”.  

0

Healthcare

If you’re in healthcare, you are familiar with MACRA, the Medicare Access and CHIP Reauthorization act of 2015—bipartisan legislation that requires the US Centers for Medicaid and Medicare (CMS) to implement an incentive program. Merit-based Incentive Payment System (MIPS) evaluates clinicians in four areas—Quality, Improvement Activities, Promoting Interoperability, and Cost.

0

Secure Messaging

The revelations Tuesday and Wednesday about the extensive use of Wickr inside Uber upended the high-stakes legal showdown with Alphabet’s Waymo unit, which accuses the ride-hailing firm of stealing its self-driving car secrets. The issue of course is not whether using Wickr or apps like it, including Vaporstream, is acceptable. The issue is when, where and how to use the application and what legitimate use indeed looks like.

0

People send over 20 billion text messages every day worldwide, and Text Request reports 95 percent of texts are read within five minutes of being sent. Because of its convenience, open rates, and speed, text messaging is the preferred method of communication — both for work and personal life. Due to the nature of the profession, texting has become a popular way to communicate in the healthcare industry. However, there’s a need for more secure messaging.Due to the strict requirements of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 and the rise ofSEE DETAILS
0

Patient care requires fast-paced, asynchronous collaboration that ensures quick responses for life-saving decisions. Because text is the most rapidly responded to communication channel utilized today, many healthcare professionals communicate and collaborate via their mobile device. In fact, a recent HIMSS Analytics study reported 70.6 percent of IT professionals, clinicians, C-suite executives, and department heads use smartphones for EHR access, and 76.5 percent access clinical information through smartphone apps. However, according to Lisa Gallagher, vice president of technology solutions for HIMSS, text messaging by clinicians is a major source of protectedSEE DETAILS
0

Healthcare

In its latest update, The Joint Commission banned the use of secure text messaging for patient care orders due to concerns over privacy and security. The decision was a curious one, since it came just a few months after announcing an end to the very same ban. Though its concerns are certainly warranted, as healthcare is the most targeted sector for cyber-attacks, The Joint Commission’s latest assertions against secure text orders are, quick frankly, unsubstantiated. In fact, modern secure messaging platforms not only address the issues raised by The Joint Commission, but can also serve to improve a hospital’s security, efficiency and compliance.

0

Healthcare

The healthcare industry, by nature, demands a high level of privacy and compliance, but it also demands quick communication between care providers to ensure best-in-class patient care. Therefore, many healthcare providers are turning to mobile devices to enable faster, more efficient communications. “Today, short mobile communication methods like text is getting immediate response and better read rates, facilitating a new way of doing business,” said Galina Datskovsky, CEO of Vaporstream. But what happens to information and images that are texted and left on these personal devices? How do you maintain privacy, security or compliance?

0

There is a sudden bustle in the emergency ward at one of Illinois’ biggest hospital, as the staff wheels in a petite blond with major burn injuries. In the dire situation, the nurse uses her smartphone and sends a few pictures of the burn, along with the patient details to a specialist located 700 miles away. Within seconds, the doctor replies, instructing the nurse on necessary treatment. The patient’s condition becomes stable and the doctor gets back to his meeting.The scenarios in the healthcare arena today look no less differentSEE DETAILS
0

Secure Messaging

“Whoever Wins the White House, This Year’s Big Loser is Email.” Thus, reads the headline in the NY Times on October 19, 2016. Indeed, in the current election cycle, month after month, the focus has been on hacked and released emails, on disappearing emails, on emails that reappear on various devices – not of the user’s choosing. It certainly seems that the people who sent those emails should have known better than to write what they actually wrote in the first place.

0

Information Governance

The ARMA Information Governance Principles are very relevant to today’s world of mobile communications. There are 8 of them all together, and in this blog series we will discuss 7 of them in great detail. We will not touch on the principle of Accountability, as having an accountable executive is necessary to the success of any endeavor, not just mobility and mobile messaging. I would like to start this installment with the Principle of Protection.

0

Cyber Security

BYOD Secure messaging

Today’s workforce has gone beyond mobile. It is fluid. The physical mobility of devices has improved so drastically that the lightest devices from 20 years ago would be the heaviest devices today. People aren’t just working in different places because they have to, they are working everywhere because mobility enables them to. The freedom to get things done instantly, without having to rearrange your life, has taken hold of today’s workforce. With it come efficiencies and benefits to the organization, employee and consumer, but also risk that must be considered.

Moving with the fluid workforce are their devices; laptops, tablets, phones and everything in-between are constantly being pulled out at soccer games, doctor’s offices, coffee shops and airports. Everywhere you look, someone is connecting. The problem is that interruptions in the real world are often sudden, abrupt, and urgent. Devices may be quickly put down to address a disruption. It is in that moment that the security of the device and everything on it matters the most.

The devices that enable our freedom contain valuable information. When they are lost, stolen, or simply misplaced, that information becomes vulnerable. What’s more, despite the best efforts of IT professionals to educate people about the importance of securing their device, it doesn’t always happen. With almost every security measure that IT forces onto a device usability is degraded a bit. Degrade usability too much, and users simply move to another device. Even enforcing the use of a passcode on a phone causes consternation:

“Do I use a 4-digit pin or a complex password? I need to take pictures of my kids quickly before the moment passes. Maybe I should disable the code on family days so I don’t miss anything? Not having a code will also make it easier for my kid to play games on it when we’re in the car.”

In fact, studies show that despite the need for security, alarmingly, only 46% of users set a screen lock using a four-digit PIN, password or fingerprint.  This means that over 50% of mobile device owners still do not take the basic step of password-protecting their devices. And password protection is just the first step; device encryption is equally important. Without it, a moderately sophisticated attacker can simply access device storage directly, sidestepping password protection altogether.

One obvious reason to care about mobile device security is the sad fact that some of your organization’s mobile devices will be lost. Make no mistake about it: No matter how diligent your staff may be, devices are going to be lost or stolen – eventually. In New York City alone, 73,000 mobile devices were left in taxi cabs in 2014. A lost device should always be regarded as a security breach. Whether the finder attempts to extract information with intent to steal intellectual property, or with the benign intent of identifying the rightful owner, unauthorized access will occur. Unlocked phones and unsecure apps can leave your organization open to a data breach. And this risk certainly is not limited to smartphones – laptops and tablets, while larger, are misplaced every day as well. Unfortunately, there are numerous examples where organizations have been fined for failing to encrypt lost laptops containing PII or PHI. Just this month, Premier Healthcare reported that a non-encrypted laptop was stolen from its billing department, exposing over 200,000 patient’s PII; almost 2000 of those records including social security numbers and/or other financial information.

Simply stated – lost devices are a security breach waiting to happen. With higher local storage capacity and access to cloud storage, lost phones and tablets are next to hit the news for breach of information. No amount of diligence can completely prevent the loss of devices. The best you can do is focus on mitigating the potential fallout and make sure that a lost device does not lead to a data breach.

Beyond securing devices, however, the applications that employees use to share information and communicate vital business information also need to be secure. While many organizations may think that deploying secure apps is excessive given their phone security requirements, those requirements are only as good as the hardware provider’s capabilities and are susceptible to human error.

Apps that encrypt their information prevent sharing, saving or forwarding of information and restrict the extraction of information without proper authorization. This can help mitigate the risk of information leaks or larger breaches. It is a mental shift from only protecting the device to protecting the information that flows between devices and better controlling what can be done with that information. Apps that securely leverage the convenience of mobile devices for rapid information exchange, collaboration and decision making can have a dramatic positive impact on employee workflow efficiency and experience.

Employees just want to use their devices in a way that makes their lives easier and helps them get their jobs done.  The introduction of ephemerality has also changed the way we look at collaboration via our mobile devices. Corporate data can now be stored in a secure, fire-walled repository, while removed from devices alleviating much of the risk created by lost or stolen devices.

This is not to say that device security should be ignored. Far from it. Even the most conscientious person might leave valuable information in unsecure locations on their devices, where device security is the last line of defense. On top of reasonable device security, the applications themselves can further protect information on devices and in transit, achieving a deeper level of security and confidence. Secure applications help ensure that the privacy of information belonging to your organization, employees and customers is protected.

In our ever-evolving, technology-rich and breach-heavy world, the need to increase the security on BYOD devices has grown significantly while empowering employee efficiency is just as important. It is incumbent upon every organization to understand the impact of their mobile workforce upon security and compliance mandates in order to minimize the likelihood and impact of data loss or breach. The inclusion of secure apps such as secure mobile messaging help you protect vital information from breach while leveraging the efficiencies of the mobile device. Providing, or enforcing, an option for secure information exchange and collaboration that does not jeopardize privacy or compliance should be included in every organization’s mobile enablement strategy.

To find out more about the benefits that can be realized through secure mobile messaging, contact us.

Contributor: Avi Elkoni

0