Login 

Call Us Now:

Weston Technology Solutions Blog

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Archives
    Archives Contains a list of blog posts that were created previously.
Subscribe to this list via RSS Blog posts tagged in Compliance

Cyber Threat Protection As a CompleteCare client, you can rest assured that we are doing everything we can to protect your network from security threats and problematic malware. We were asked by a client recently what we do to help protect them from cyber threats, so we figured we’d share a bit of our multi-layered approach here (these are the major items but not the only items).

hipaaAnother story that is becoming all-too-common. From HIPAA Journal: “Lost Laptop Sees PHI of 3,725 Veterans Exposed.”

What is the moral of this story for your health clinic?

  1. Properly Decommission Computers: Any device, when it’s taken out of production and had any sort of access to PHI needs to be completely wiped and properly decommissioned. That means doing a thorough scrubbing or destruction of the data on the hard drive of the computer. Refer to 45 CFR 164.310(d)(2)(i) and 45 CFR 164.310(d)(2)(ii) for more information.
  2. Encrypt All laptops: The data on all laptops should be encrypted at all times as it’s your Get Out Of Jail Free card. If a laptop is lost with properly documented fully encrypted data, there is no way for it to be recovered and it does not have to be reported as a breach.

Need help with your technology and HIPAA? Call us today to learn about our HIPAA services including disk encryption and annual risk assessments

Mobile Device ManagementAs a business owner, you’re likely familiar with locking down the data on your corporate-owned computers. With technologies like disk encryption and strong password policies and other security measures, you can assure that it will be pretty difficult to access data that shouldn’t be accessed.

But what about those computers in your employees’ pockets, the fancy smartphones they carry around? Have they ever used them to access company email, files, documents, calendars, or contacts? It is certainly very convenient and can increase productivity to have access to that data with you at all times. What would happen if they were to lose that phone or if the employee left? Would your data or access to your company’s data fall into the wrong hands?

Not if they were secured by WestonSecureMobile, powered by IBM MaaS360. Previously, if you wanted full control of your employee’s mobile access, you’d have to buy them all phones and lock them down. With WestonSecureMobile, you can allow them to bring their own personal devices and you won’t have to worry.

WestonSecureMobile uses industry-leading technologies to allow your employees to access company resources on their mobile devices securely without putting their personal or your corporate data at risk. WestonSecureMobile is a suite of secure applications that gets installed on your phone that keeps your corporate data access secure and separate from the personal data on your phone. It provides centralized management of the devices, allowing you to selectively control access to corporate data, much as you would with your Windows Server back at the office.

If a phone is lost or an employee leaves, you can wipe and lock down portions of the phone that were accessing that data so the user’s personal data is left alone. It also allows tracking of the devices if they are lost or stolen.

It’s certainly cheaper to allow your employees to bring their own devices. With WestonSecureMobile, you can be assured that bringing their own device won’t compromise your company’s data or put it at risk. Contact us today for more information and pricing.

healthcareIT2The U.S. Department of Health and Human Services (HHS) has launched a revised breach portal (or “Wall of Shame” as it’s known in the healthcare industry). The newly designed tool can be found here. According to Healthcare Informatics, This redesign features improved navigation for both those looking for information on breaches and ease-of-use for organizations reporting incidents. What that means for you is that, yes, your life as a HIPAA security officer will be easier as you’ll be able to submit breach notices easier. However, as a clinic manager, it also means your patients can find breach notifications easier, making it easier to find out if you messed up or are currently under investigation by the Office of Civil Rights.

It’s best to keep yourself from ever being on the Wall Of Shame in the first place, and Weston can help. We have a variety of HIPAA-friendly services that will help secure your environment, train your employees, assess your compliance and vulnerabilities, and keep you from hopefully ever having to visit that site. 

Petya Ransomware Outbreak

Posted by on in Alerts

You may have heard about the Petya Ransomware attack that is currently affecting computer users worldwide, hitting at least 65 counties, according to NPR. You can read more about the Petya outbreak at HealthITSecurity, the patched security flaw that is being exploited, the government's CERT alert and the most tragic news: a Cadbury chocolate factory was shut down because of it.

As a Weston CompleteCare client, you have multiple layers of protection in-place to help prevent these types of things from bringing down your environment. These may include:

  • WestonBlock email protection helps prevent viruses, malware, and phishing attempts from reaching your inbox. 
  • Managed Antivirus that is constantly being updated to protect opening these types of files and blocking them if they try to attack.
  • OpenDNS content filtering protects you from accidentally loading an infected web site and prevents these types of files from "phoning home" to activate.
  • WestonShield firewalls help protect against malicious inbound and outbound traffic (and has had protection for variants of Petya starting over a year ago).
  • Managed patching services that make sure security patches to help protect you from these types of infections are installed properly and quickly.
  • A solid backup and business continuity device and plan in-place that protects your local and offsite backed up data and that alerts when backups show sign of malware. 

All that being said, this is yet another reminder to be extremely vigilant about what links you click on and what emails you open. Even if you get an email and attachment from someone that you know, if you were not expecting it, contact that person and make sure it was sent by them. Also avoid browsing to sites you don't recognize or follow links that are unfamiliar.

If you have any questions or are interested in hearing about how CompleteCare can help protect your business, don't hesitate to contact us.