Podiatry Management Online


Podiatry Management Online
Podiatry Management Online



Search Results Details
Back To List Of Search Results

06/09/2015    Michael L. Brody, DPM

Computer Security (David E. Gurvis, DPM)

Dr. Gurvis has a number of valid concerns about
the difficulty securing our records and the
illusion of security. Most hackers and thieves
of information are looking for financial
information; this information is found in our
practice management systems.

Most of us have used practice management
systems for many years. Blaming the issues we
face protecting our data should not be laid at
the feet of EHR. We need computer security to
protect our billing records as well as our EHR

Completing a HIPAA Security Risk Analysis is a
government requirement. We need to identify
the risks to our data, and then address those
risks. We must do everything that is REASONABLE
to protect our data. We will need to spend
reasonable amount of time, effort, and money to
address those risks.

Reasonable means that we must take all steps
that are within our resources. We should expect
to spend approximately 10% of our IT budget on
Cyber Security. Ask the question “What is my IT
Budget? And how much is 10% of that?” That is
the amount that we should spend on cyber
security technology.

This process will not completely protect us
from cybersecurity attacks, but it will make us
compliant with the HIPAA Security Rule. The
HIPAA Security Rule clearly state that if we
have a HIPAA Breach, and we remediate that
breach within 30 days we cannot be fined as
long as we have properly completed our HIPAA
Security Risk Analysis.

We carry malpractice practice because even if
we do everything right something can go wrong.
We need to look at the cyber risks in the same
way. One of the best ways to manage that risk
is with Cyber Security Insurance. My
malpractice carrier, PICA, has started
including Cyber Security Insurance with the
policies that they are providing.

I recommend that each and every podiatrist
consider checking with their malpractice
carrier to see if there is any Cyber Security
Insurance with their policy and what those
limits are. If you find that you do not have
this insurance or that the limits are below
what you are comfortable with, you should
consider purchasing this insurance for your

If you have not yet completed a properly
executed HIPAA Security Plan, there are many
consultants that can assist you. The Manta
Group and my company, TLD Systems both
advertise on PM News and both can provide this

Michael L. Brody, DPM, President and CEO TLD

There are no more messages in this thread.