What are some of the security measures you need to have in place to protect your practice? In today’s day and age, security breaches can come from many different directions. In this episode of Talking with the Toothcop, Andrea and I will lay out some ways you can protect your business. From security breaches to controlled substance regulations—we’ve got you covered.
Outline of This Episode [0:20] Cyber Ransom Attacks [4:55] What does a breach mean for you? [8:30] Prepare for potential breaches. [13:20] HIPAA security and privacy officer [14:40] Bootcamp will cover liability and compliance [17:50] How to prepare for and handle “Never Events” [23:10] Controlled substance rules and regulations [27:15] Change in DEA regulations [28:10] Controlled substance storage [30:30] Stop over-prescribing antibiotics Cyber attacks are the real dealIt’s a new era, and cyberattacks are becoming more prevalent. A hacker will infect your system with an encryption virus, and to regain access you have to pay a ransom. This isn’t just a thing happening on TV shows anymore. It’s something that has to be investigated by the FBI, reported to the Office for Civil Rights (OCR), and potentially even media outlets.
Is there anything you can do to prepare? What do you are attacked?
Invest in a great IT company that will answer any questions you may have. Obtain adequate cyber-insurance coverage. Have legal counsel in place that you can call if it’s ever necessary. Prepare as well as you can—make sure you have more than adequate website security.Don’t let your practice be compromised and watch your reputation take a nose-dive. Do everything you possibly can to protect your practice and your clients. We give you a few options in this episode!
HIPAA breaches and how to prevent themIf you do indeed experience a breach of protected health information, you must have systems in place to handle the situation. You need a designated privacy officer and security officer. If you’ve done your due diligence and have systems in place, it can be taken into consideration if there is an investigation. A forensic investigation is recommended (especially in the case of a cyber-attack) to determine the scope of the breach and what information was affected.
Assess where your vulnerabilities may be and take preventative action. Was there a change in technology? Where are your gaps? Don’t simply rely on your IT company telling you that you’re safe—ask questions so that you understand and know you’ve done everything possible.
How to prevent “Never Events”“Never Events”, usually referred to as “Sentinel Events” are unanticipated extraordinary events that incur serious injury, illness, or the death of a patient. Unfortunately, events like these can and do happen (we talk about prevention and preparedness in depth in this episode).
Even if you do everything right and are a great clinician, the litigation and stress involved in the process can be debilitating. You can’t turn back time—but you can be proactive. Have checklists in place to make sure life-saving medical devices are checked regularly. Practice life-saving procedures with your staff. Be prepared for the unexpected.
Controlled substance rules, regulations, and safety measuresA state board rule was enacted in Texas eff. September 1st requiring providers to check a patient's substance history before prescribing controlled substances. There are also whispers that a law will be enacted in 2020 that will only allow prescriptions for controlled substances to be done electronically. Do your research now to find a compatible software to have in place by the time this is state law!
It’s an added safety measure that will protect you from some liability as well as protect your patient’s life. In the meantime, if you prescribe or utilize controlled substances they must be securely locked up (behind TWO locks and TWO keys). You must have a log to track dispensing that is stored safely with the drugs.
Andrea and I talk in detail about security measures, HIPAA breaches, drug regulations and much more so be sure to listen to the whole episode for details!
Resources & People Mentioned Allscripts Office for Civil Rights (OCR) Connect With Duane https://www.dentalcompliance.com/ toothcop(at)dentalcompliance.com On Facebook On Twitter On LinkedIn On Youtube