Category: Billing Blog

[cmsms_row data_width=”boxed” data_padding_left=”3″ data_padding_right=”3″ data_color=”default” data_bg_color=”#ffffff” data_bg_position=”top center” data_bg_repeat=”no-repeat” data_bg_attachment=”scroll” data_bg_size=”cover” data_bg_parallax_ratio=”0.5″ data_color_overlay=”#000000″ data_overlay_opacity=”50″ data_padding_top=”0″ data_padding_bottom=”50″][cmsms_column data_width=”1/1″][cmsms_image align=”left” animation_delay=”0″]1189|https://hhssolutions.com/wp-content/uploads/2016/12/Snail-Mail-Compliance-820×549.jpg|masonry-thumb[/cmsms_image][cmsms_text animation_delay=”0″]   All of us deal with HIPAA in one way or another, whether it is your own information that gets accessed by others or with other people’s data that we may handle at work. HIPAA […]

Soon rural long term care facilities will be able to apply for federal funds to help them pay for faster internet. The federal legislation was signed into law by president Obama on June 22, 2016. The law allows Long Term Care facilities to be covered under the S.1916 Rural health Care Connectivity Act of 2015. […]

It has been a whole month since the ICD-10 changeover. How did everyone fair? The challenges of learning and training employees can be difficult especially with such a significant change. With over 141,000 ICD-10 codes it is impossible to memorize every one of them.  Knowing where to start is imperative to getting the correct diagnosis […]

HIPAA Security Requirements and Tips for Keeping your Data Secure.

HIPAA security has changed since March of 2013. The new rules change the way everyone deals with electronic Protected Health Information (e-PHI) as well as the networks and vendors the companies use to view and transfer these documents. Under the new rules, you can be fined up to $1.5 Million per year if you are not in compliance, and up to $50,000 per violation. Also now business associates can be held responsible for data breaches and if that were not enough: you now you have to prove that you haven’t had a data breech instead of the opposite. Under the new rules they assume that you have had a security breech unless you can document otherwise. For companies that have policies and procedures for HIPAA that are older than 3 years: You may want to read through your Business Associate Agreements (BAAs) and your policies to make sure the new rules are put into place.

 

Simplified Technical Safeguards Required by HIPAA

  • Access Control: Have policies and procedures in place that determine who has access to e-PHI.
  • Audit Controls: Keep a record of your information systems security status and use. This means keep logs and reports of physical security, software, and other mechanisms used to contain or look at e-PHI.
  • Integrity Controls: Make sure that e-PHI is not improperly altered or destroyed.
  • Transmission Security: Protect the transmission of e-PHI over networks. This means using encryption and having properly configured firewalls and networks.

Visit HHS.GOV here for the actual specifications/requirements: http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html

In short it is important to make sure you are in compliance to these new rules and that your IT vendor/department is aware of these requirements.

Below you will find some of the ways your data can be breached and some possible prevention methods:

 

 

 

Phising-AttackPhishing Attacks:

Phishing is when attackers send you emails or have links in websites that are tailored to look legitimate, but when an unsuspecting person clicks on a link or opens a file within an email it harms the computer. Also, Spear Phishing is an even more targeted attack, in which the hacker gathers info about you to tailor a personalized email message just for you.

Prevention Methods:

  • Don’t click on email attachments or links that you are not 100% sure are from a legitimate source.
  • Use Spam fighters and Antivirus software to protect your email
  • Don’t give out your email to unknown online sites (for example: win $1000 by filling out this form)
  • Check to see if your email has be pwned (compromised): https://haveibeenpwned.com/

Man-in-the-Middle-AttacksMan in the Middle Attacks:

Man in the middle attacks intercept data between two points and attempt to steal and decrypt the information. This can be done by spoofing a “trusted” network that your device has connected to in the past. You may see this if you are at a hotel and your phone tells you that you are connect to your home network?!?!

Prevention Methods:

  • Use a VPN to encrypt your online communication
  • Look for the lock symbol next to the web address to ensure that SSL and/or TLS is being used.
    • Note if you see a lock icon but also an exclamation mark or an X don’t enter in any sensitive info.

 

Buffer-OverflowBuffer Overflow:

Buffer overflow is when an attacker breaks a program by giving it too much information (like a really long username). The attacker can then insert code into the website or software that goes where it should not and gain access to a system. This is a high level of attack and difficult to prevent

Prevention Methods:

  • If your company has proprietary software ask the programmers to look at the code to see if they are vulnerable to buffer overload.
  • Hire a professional to test your software/website
  • Make sure that all of your software is up to date

 

Brute-Force-AttacksBrute Force Attacks:

Brute force attacks can be very effective against systems that have weak user names and passwords. A brute force attack will try thousands if not millions of usernames and passwords to try to find the right one. More sophisticated attacks use “dictionaries” of the most common passwords to quicken the process.

Prevention Methods:

  • Use strong Passwords
  • Set a policy for log in attempts

[cmsms_row data_width=”boxed” data_padding_left=”3″ data_padding_right=”3″ data_color=”default” data_bg_color=”#ffffff” data_bg_position=”top center” data_bg_repeat=”no-repeat” data_bg_attachment=”scroll” data_bg_size=”cover” data_bg_parallax_ratio=”0.5″ data_color_overlay=”#000000″ data_overlay_opacity=”50″ data_padding_top=”0″ data_padding_bottom=”50″][cmsms_column data_width=”1/1″][cmsms_quotes mode=”slider” animation_delay=”0″][cmsms_quote image=”931|http://temp.hhssolutions.com/wp-content/uploads/2015/04/Increased-Cost-not-mean-Revenue-200×200.png|thumbnail” name=”Janet Lytton, R.H.I.T., N.H.A.” subtitle=”Director of Reimbursement”] As I have been working on each of the Facility Statistic files, I have noticed that our facility Medicaid rates have increased very little, if any. This is […]

A person with dementia may be more sensitive to noise. Noise affects people differently from a mild response or catastrophic reaction. Some may have a threshold of a few minutes and others may become overwhelmed after an hour. Each person’s coping style to noise is different. Their individual coping style and personal tolerance to noise […]

Medical Billing Nebraska We pride ourselves in being experts in the medical billing field. Many practices and facilities find it difficult and time consuming to bill properly and in a timely manner. All of our billers and billing specialists are located in Nebraska or in the neighboring states. Whether you are in Seatle, or New […]

As most of you know, Medicare implemented a 2% reduction to all provider payments as of April 1, 2013. Currently this cut is in full effect across the board to all Medicare certified healthcare providers. What this means to your facility is that any services that are billed to Medicare on or after April 1, […]