How To Encourage Patient Consent To Email Marketing Without Feeling Slimy

Published: March 20th, 2017

If email marketing is known to produce results across a variety of industries, why do some professionals feel uncomfortable with it? Why do they feel “slimy”? It is not uncommon for people to feel hesitant to engage in email marketing because it somehow feels “wrong” to them. There are several factors at play in this limiting belief; in this article, we shall shed light on them to help dispel this feeling so that you can confidently get to work and grow your business, knowing that you are actually helping others.

Read the rest of this post »

What Do the CIA Vault 7 Leaks Mean for Your Business?

Published: March 17th, 2017

Vault 7, the WikiLeaks release of CIA cyber intelligence documents, has been one of the biggest news stories of the past month. Now that the dust has settled and the media hype has died down, we can finally go through the leaks in a rational way and understand their real world implications.

Read the rest of this post »

Should your web site database have its own dedicated server?

Published: March 15th, 2017

It comes down to security and reliability.  Should your web site be on one server (or a cluster of servers) and your database be on its own dedicated server (or servers)?  What are the pros and cons?  Is it worth the expense?  We shall delve into these business-critical questions in this article.

Let's look at the security and reliability impact of the various common configuration choices.

Shared Hosting

In a shared hosting environment, generally, your web site and database are hosted on the same server as the web sites and databases of many other businesses (and hackers…?) unknown to you and outside of your control.

Read the rest of this post »

WordPress Security Overview: Can WordPress be HIPAA-compliant?

Published: March 13th, 2017

WordPress is a content management system that dominates the internet, powering more than 24% of the web. Although it has many great features that make it quick and easy to set up, the complications associated with HIPAA standards can make it difficult to achieve compliance. WordPress has recovered from a checkered past as far as security is concerned, but it is still a third party tool which is not specifically designed to conform to HIPAA standards.

Read the rest of this post »

17 Questions To Ask Yourself Before You Send A HIPAA-Compliant Marketing Email

Published: March 10th, 2017

You’ve just been told that you need to rethink your entire email marketing system. Your attorney and compliance specialist are both telling you that you need to implement HIPAA-compliant email marketing.

Your starting point is to break down that goal into two components: business goals and HIPAA compliance. Your email marketing has to achieve your business goals like providing fast customer service and generating more appointments. Next, you need to put HIPAA compliant systems and processes in place.

Use these 17 questions to review whether your email marketing aligns with your business goals and HIPAA.

Read the rest of this post »

iOS vs Android in the Battle of Bring Your Own Device to Work Security

Published: March 6th, 2017

Bring Your Own Device (BYOD) policies are on the upswing, with many organizations embracing them for the perceived cost savings and productivity gains. Allowing employees to bring and use their own devices for work purposes generally means that they are more comfortable and efficient at using them. It also saves businesses from purchasing and replacing devices as technology progresses.

BYOD policies aren’t exactly a win-win situation for enterprises, as these benefits come with a range of security complications. One of the biggest questions is which operating system is better, Android or iOS?

iOS or Android?

Despite Android dominating the rest of the market, in a 2015 survey (the latest reliable data) iOS dominated the enterprise scene with 66% of devices. Although there aren’t any more recent figures that can be trusted, Android’s security issues over the last few years may have acted as a deterrent for uptake in the business environment.

Android is open source in nature, while iOS is closed source. While there are benefits to each of these approaches, Android’s nature has seen it develop more significant security issues than its rival OS.

Another key issue that Android faces is its fragmentation across the market. Six months out from its release, Android’s latest version, Nougat, has seen little more than a 1% adoption rate. About 31% of users are still using the previous version, Marshmallow, while about the same number again are using the version before that, Lollipop. iOS 10 was released at a similar time; however, it is already used on 76% of devices.

This is largely due to Android being used across devices from a wide range of manufacturers, including many budget models. Each manufacturer can add their own software to their Android devices, which results in security complications that Apple doesn’t have to deal with. Apple only has to worry about its own devices, which makes it much easier to deploy the latest versions of their operating system.

Read the rest of this post »

Why Are Hackers Targeting Your Medical Records?

Published: March 2nd, 2017

Medical record theft is booming. Over the past few years, large scale breaches have become more common and increasingly severe. Last year in June, a hacker named thedarkoverlord was selling 650,000 US healthcare records as part of a long-running crime spree. The collection was listed on a deep web marketplace called the Real Deal for over $700,000 worth of Bitcoin.

A cancer treatment provider called 21st Century Oncology had 2.2 million patient records compromised in late 2015. The stolen data included patient names, the names of their doctors, social security numbers, insurance information, diagnoses and treatments. The company was required to notify all of the affected patients and they have also offered free credit protection for one year as partial compensation.

This is just the tip of the iceberg. According to Bitglass, 113 million Americans were affected by healthcare data breaches in 2015. This is almost 10 times more than the previous year. The IDC’s Health Insights group predicted that one in three patients would be the victim of a breach in 2016. This trend is likely to continue or even intensify over the coming years.

Read the rest of this post »

eBook: HIPAA-compliant Website Basics

Published: February 27th, 2017

What healthcare organizations need to know about HIPAA-compliant web sites

Book 2 in the LuxSci Internet Security Series.

Created by Erik Kangas, PhD

This LuxSci eBook is your well-researched guide to a critical understanding of the specific issues and concepts of HIPAA as they apply to web sites, so that you stay compliant with these government standards. This document will provide a framework for your health care organization to keep the privacy of patient information front and center while still having an engaging web presence. Providers will have the necessary tools to meet all requirements established by HIPAA for access to, storage of, and transmission of protected health information (PHI) through web sites.

This eBook includes sections on:

  1. Introduction
  2. What are HIPAA-compliant web sites?
  3. HIPAA-compliance for WordPress
  4. What is HIPAA-compliant web site hosting?
  5. Components of a solid web site hosting infrastructure
  6. Finding a HIPAA-compliant provider
  7. What are HIPAA-compliant web forms?
  8. Informing developers of HIPAA requirements
  9. Conclusion

Download the eBook

What is HIPAA-compliant Email Marketing?

Published: February 27th, 2017

To achieve HIPAA-compliant email marketing, you need to satisfy two objectives. First, you need to understand the fundamentals of email marketing. Second, you need to execute your email marketing activities within HIPAA’s requirements and restrictions.

It’s easy to make a mistake with HIPAA-compliant email marketing, especially when you’re in a rush.

Picture this:

You leave your clinic early on a Thursday afternoon to head off on a vacation. Before you go, you ask your office manager to send off an email blast. You were just certified on a new procedure and you know at least 200 patients in your files would likely benefit from it. A simple message inviting them to the office for a consultation next week is the perfect next step. Your office manager takes some quick notes and promises to send off the note tomorrow. And off you go for a weekend of golf at Pebble Beach.

On your way home, you check your email. You see an angry email from a patient and start reading. It turns out that you’ve violated some arcane HIPAA rules… Even worse, that patient’s sister is an attorney who has promised to call you tomorrow. You’re pretty sure you’ve done nothing wrong but you’re nervous on the flight home.

This situation could have been prevented if your office manager had asked you one simple question:

Read the rest of this post »

Is a “Click Here to Agree” checkbox really legally binding?

Published: February 24th, 2017

Your web site order form or registration form comes complete with terms and conditions.  What is the best way to have the user see and agree with these terms?  Ultimately, you want the user’s agreement to be legally binding so that if there should ever be an issue, you are protected.  Is it good enough to have the user check an agreement checkbox?  Do you have to do more?  Do you have to be sure that the user actually reads the terms?

These questions come up all of the time and rightly are a cause for concern. Just because other web sites do it “one way” does not necessarily make that way right for you or best for you. In this article, we will tackle how the different choices you make in getting user agreement translate (or don’t translate) into binding contractual relationships.

Read the rest of this post »