Cart 0

News

GHS container labeling and OSHA in Dentistry and Healthcare - Hazard Communications

GHS

GHS container labeling and OSHA in Dentistry and Healthcare - Hazard Communications

Now that that we've had some time to digest the Hazard Communication Standard's alignment with GHS we've realized just how much has changed especially when it comes to secondary container labeling. The new standard requires quite a bit of additional information and it can be tough to fit it on a standard label. Although write on labels are a quick and easy way to comply with the standard, it can be time consuming when you have multiple containers or locations. We've slowly built a collection of GHS labels that we created for our use in the field. These are products that usually need...

Read more →


Ransomware: A HIPAA Concern for Doctors and Dentists

Ransomware: A HIPAA Concern for Doctors and Dentists

According to a recent U.S Government report, ransomware attacks have been rapidly increasing since early 2016. The reality is staggering. An estimated 4,000 ransomware attacks take place every day. So what is ransomware? It's a type of computer virus or malware that attempts to deny access to a user’s information by encrypting their data.   Healthcare and dental facilities are often targeted because of their perceived ability to pay a ransom and the reliance on maintaining the confidentiality and availability of patient electronic protected health information (ePHI) under HIPAA. So in essence, HIPAA makes you a potential target, but it also serves to protect you since it requires the implementation of technical, administrative and physical safeguards.  First off,...

Read more →


HIPAA in 2019. Do we need encryption?

HIPAA in 2019. Do we need encryption?

Do we need encryption? It's simple question, but unfortunately the answer isn't as easy. Health and Human Services (HHS) technically says encryption falls under an implementation specification that's "addressable". So, no it might not be required, but it must be considered. We're seeing more practices regularly using it to encrypt data on storage devices and for securely transmitting PHI to other covered entities or for insurance claims.  HHS identifies implementation specifications as either "required" or "addressable". "Required" means mandatory compliance. Failing to implement these means your violating the HIPAA Security Rule.  The following are all "Required" implementation specifications;  Administrative Safeguards - Security Management Process -...

Read more →


Complying with HIPAA. Responsible Email and Texting

Complying with HIPAA. Responsible Email and Texting

 HIPAA is an acronym that stands for the Health Insurance Portability and Accountability Act of 1996. It provides privacy standards that protect patients' protected health information (PHI). The standard requires covered entities (doctors, dentists, labs, hospitals and other healthcare providers) to establish administrative, physical and technical safeguards to protect this information.   Fortunately these requirements are intended to be scaleable and flexible. "One size doesn't fit all" is a good way to look at the scaleability of HIPAA. Implement technology and safeguards appropriate to your situation. Consider the size of the practice, the cost of implementation and the potential risk to ePHI among other things. Flexibility allows...

Read more →


2017 HIPAA fines and settlements already piling up

2017 HIPAA fines and settlements already piling up

 We're not even into March yet and we've already seen a busy start to 2017. The Office of Civil Rights (OCR) announced the 4th settlement of the year with Memorial Health Systems of Hollywood, Florida. They paid $5.5 million to settle claims it violated HIPAA requirements under the Privacy and Security Rules.. The other settlements in 2017 were Children's Medical Center in Dallas to a tune of $3.2 million, MAPFRE, a life insurance company out of Puerto Rico for $2.2 million and Presence Health from the Chicago area.  Presence Health is interesting in the fact it was the first violation stemming from the Breach...

Read more →