We consistently hear
about data security from HIPAA, HITECH, CALEA and the Red Flag Rules as well as
a myriad of other state and federal laws focused on information
privacy. The second component of these rules is security which can be a
misunderstood area of the law.
With scalable
requirements and shifting firewalls, small practices can feel overwhelmed with
compliance issues. But - and it's a big but - most issues in security
aren't technical or related to complex software. They relate to human behavior.
Problems tend not to be technical but gossip, curiosity, and the always popular
"but I've always done it that way."
The Office of the
National Coordinator (ONC) deals with technical rules and issues relating to
electronic medical records. As part of its practice outreach, the ONC has
devised a game, CyberSecure:Your
Medical Practice. The game is intended to help answer common
information security questions. While this information is medical practice
focused, the tips and suggestions apply to all industries who are seeking to
protect data.
I played and got 100%
- try to match that!