1-866-245-5224 info@globallearningsystems.com
Wed, August 23, 2017 Twitter LinkedIn

Compliance Training Blog

Security is everyone's responsibility

Why HIPAA Training is Essential in the Workforce

HIPAA and patient privacy have become of utmost importance in all areas of health care. Patient information is extremely valuable and protected at all costs by HIPAA. The recent growth of the healthcare field has brought about a host of industries into the field including the following: technology experts, pharmacy professionals, insurances, those in healthcare sales and of course an abundance of care providers. HIPAA training is essential to all of these professionals, as well as a number of others in the field to ensure that the valuable information related to a patient’s health is safeguarded and protected.

What is HIPAA?
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 was passed by congress in an effort to aid people in keeping health insurance as well as protecting the confidentiality and security of health information. The privacy piece of the act enforces the protection of individually identifiable health information that is transmitted via any medium. This is extremely important to the day to day operations of all healthcare entities. The Health Information Technology for Economic and Clinic Health (HITECH) Act was enacted in 2009 and further amends HIPAA to include the advances of health care technology like electronic health records.

PHI (Protected Health Information) is protected by HIPAA and includes any identifying information about a person relating to their past, present or future physical or mental health. This includes not only their name, social security number and date of birth but also their disease, diagnosis, procedures, conditions and prognosis. It is easy to see why this information is important to protect. Any individual would want this information about themselves kept private, and only transmitted to the appropriate entities; other care providers, or insurance providers for payment, etc. All of this information can be contained in a variety of mediums including paper files, voicemails or faxes. EPHI (Electronic Protected Health Information) includes all of the aforementioned items except that they are saved, transmitted or received in an electronic form.

HIPAA further identifies the rights of patients in obtaining their PHI, changing errors to their records, requesting confidential communication as well as their right to complain. Most cases require a patient’s authorization for the release of PHI however health care providers are able to release information if the information is necessary or related to treatment, payment, and operations or is mandated by law.

Why is HIPAA Important?
A patient’s PHI or ePHI often contains very sensitive information, that, if released into the wrong hands could cause serious problems. Protecting this information is important to patient care but also to avoid harm to the patient. If a patient’s health condition is unintentionally released to their employer or another family member without the patient’s permission this could cause a number of negative consequences for the patient.

Very often there is gray area about what information about a patient can be released. Many professionals and employees don’t realize that simply talking about a patient and including any identifying information (their situation, their hair color, where they live etc.), even if the name is omitted, is a violation of HIPAA. Patient information should never be discussed with other individuals who are not included in the care of the patient. Furthermore, electronic records have made it easier for healthcare professionals to access patient data. This has made HIPAA training all the more important to educate healthcare professionals about when it is appropriate and inappropriate to access a patient’s chart.

Breaches in health information and HIPAA violations are a serious legal offense. They can bring about very costly litigations that can carry on for months. Avoiding these types of situations is the best method of dealing with them. HIPAA and the HITECH Act are both in depth ensuring that a workforce managing any PHI or ePHI is trained in HIPAA guidelines.

How Can I Get Training?
HIPAA compliance training is a requirement of the HIPAA and HITECH training component for all staff handling PHI. Global Learning Systems offers HIPAA training to aid organizations in meeting this requirement. HIPAA compliance training will educate employees about what HIPAA is, why it is so important and how to honor its guidelines. This means learning about what PHI is, how to recognize it and when it can be transmitted without patient authorization. To avoid costly litigations, and protect patients’ health information, HIPAA training is essential to the work force.


Keeping your Corporate Information out of Unauthorized Hands

In this day and age of technology doing everything under the sun, and people getting smarter and savvier in using it, we are overwhelmed with all the benefits the internet holds in our very own homes and businesses. Networking, as well as storing information and even securing buildings has been revolutionized by the tech world, bringing new knowledge and better productivity to all, at a faster rate than ever before.

However, the good always comes along with pitfalls, which in this case can be very serious. Hacking, phishing, keylogging, and inside security breaches are just a few things we have to worry about when it comes to business systems in the corporate world. It may mean changing the way systems are run, limiting access to important documents, and locking down more strictly on security, but taking precautions against these attacks on classified, crucial information is possible, and very worth it.
A Few Ways to Be Sure Information is Secured:
Passwords: This should be natural to all corporate leaders and employees, but it truly can’t be stressed enough. To be sure all of your data on and offline is secure from intruders, always protect with a secure password. Secure means you should not use a common word, name, or date. Each person with access to data, networks and devices should have unique passwords, using upper and lowercase letters, numbers, and symbols. A different password for everything may seem like a hassle, but the protection is strengthened by miles. Create a document file of all of your usernames and passwords and have it encrypted, or have them in a small book locked away in a safe.  
Firewalls and Antivirus:  Another seemingly obvious one, but a crucial part of keeping your information out of the wrong hands.

  • Always protect your business, and home computer by putting up a firewall. It will control all internet traffic going in and out, filtering the information and alerting you to suspicious behavior.
  • To assist the firewall in getting rid of threats to your security, install a credible Anti-virus and anti-malware software. With these safety nets, you run much less of a chance of being invaded by internet phishing and hackers.

Beware of Suspicious Emails: Never open a link unless it’s been verified. Even in an email from a trusted employee or boss, there can be phishing links that will expose your computer’s data to unwanted intruders. Of course, any suspicious email from an unknown address with links attached should be immediately discarded, and the address blocked.  Avoid using your business email address to sign up for newsletters, purchase subscriptions, or ordering items.  If you have a  separate, personal address for these things, spam and possible virus mail will be less likely to get into your more sensitive data.
Employee Security: Many of the most detrimental errors resulting in security breach can be simply unawareness from an untrained eye or inexperienced hand.  There are some things you should always do when hiring employees that you plan on trusting with crucial tasks.

  • Background checks are extremely important, just to be sure your employees are trustworthy from the beginning. A thorough screening should also be conducted by speaking with references, and beginning with a trial period of work in which you verify the employee’s reliability before he/she is entrusted with more sensitive tasks.
  •  After hiring, basic training would do a world of good to keep everyone on the same page, as well as a monthly security awareness videos to inform and instruct your organization on the dangers and prevention of security breaches.  Global Learning Systems offers a great course and multiple modules on this topic for you to look into, with a program demo to try out as well.
  •  A system to verify employee identity is a must as well. Whether it’s an I.D. card to be swiped, a unique code to be entered, or a fingerprint authentication system, security is a must when allowing others into areas containing secure data.
  • Allow access to others on a need-to-know basis only. The more selective you are with information, and the fewer hands vulnerable data has to pass through, the better and more secure it will be. 

Constantly Be on Guard:

  •  On the internet, in your networks, in emails, etc, never let your guards down, keep your eye out for internet data  predators
  •  Know who has access to everything.
  •  Keep open lines of communication with every employee.
  •  Address any concerns regularly and hold monthly training like the one mentioned above. If everyone stays on top of their game, problems will be minimized.

Tips for Identifying and Preventing Identity Theft

Identity theft can be devastating. Many people have had everything they have worked for taken from them through the nefarious acts of others. Here we list several different types of identity theft that everyone needs to be aware of:

Financial identity theft

This type of identity theft occurs when a victim’s bank accounts and credit cards are obtained and used illegally. Generally, the thief is able to withdraw money from the victim’s accounts or make charges with the card number. Financial identity theft can also occur when a thief uses the victim’s personal information to get loans or open credit cards.

Driver’s license identity theft
When someone’s driver’s license is stolen, they are at risk for this type of identity theft.  At the simplest level, the thief will sell the stolen ID card to someone with similar features for a quick profit. The thief can also drive illegally with it and any infractions will be charged toward the name on the ID. If the driving offences are serious, it can result in a loss of driving privileges for the person who had the ID stolen.

Criminal identity theft
This type of theft stems from driver’s license theft. The person with the stolen ID can commit a crime and when an arrest occurs, use the ID to give a fake identity and the victim will receive the blame.

Social security identity theft
Social security numbers are important pieces of private information and should be guarded carefully. Identity thieves who obtain a victim’s social security number can wreak a lot of havoc. They can defraud the government and can receive benefits that were meant for the true holder of the number. The thief can also use a social security number to falsify documents in order to take out loans, get credit cards, or even get a passport.

Medical identity theft
This is a very specific type of identity theft. The thief will steal someone’s medical identity in order to commit insurance fraud by making false claims. Unfortunately, this type of identity theft can have major consequences. The victim’s medical records can be altered, which could result in incorrect diagnoses.

Child identity theft
This is quite simply the theft of a child’s identity through the stealing of a social security number. It generally happens because children don’t check credit reports and too often parents don’t think that their kids’ identities can be stolen.

Synthetic identity theft
This type of identity theft requires the thief to take information from various people’s identity to create an entire new identity. The fake identity can open credit accounts, apply for loans, and get a new cell phone, to name a few things. The lenders as well as the victims who have their names and social security numbers stolen are the biggest losers in this crime.

Thankfully, there are some easy steps everyone can take in order to be protected from identity theft.

Only carry essential documents
Be sure to leave important documents such as a social security card, passport, and birth certificate locked and at home. Keeping these items in a purse or wallet can increase the likelihood of identity theft. It is even a good idea to carry as few credit cards as possible.

New checks
When receiving new checks, have them delivered to the post office rather than the home. This will prevent the checks from being stolen, altered and cashed by an identity thief.

Do not give personal information out over the phone. Identity thieves like to make phone calls posing as banks or government agencies for the sole purpose of stealing identities.

Identity thieves are not above rummaging through trash for personal information. Shred everything that can be used to gain personal information. This includes, but is not limited to receipts, credit card offers, bank statements, and returned checks. A good rule of thumb to follow is, if you’re in doubt, shred it. It’s better to be safe than sorry.

Know your credit
Keep up-to-date on credit scores. It is also a good idea to sign up with a credit monitoring service.

Protect your Social Security Number
Treat your SSN like the important piece of data it is. Don’t put it on your checks where it can be seen by other people, don’t carry the card with you, and don’t give the number to others. Furthermore, do not share your social security number with medical facilities, financial institutions, and other accounts unless absolutely necessary and you have verified the security of your information. Many institutions request this information, but always verify it is required before providing it.

Follow credit card billing cycles
Often the first step identity thieves take is changing a billing address; so, be extra vigilant. Make sure you receive a bill every month and make sure everything is accurate on it.  

Make passwords and PIN numbers a random mix of letter, numbers, and characters so they are difficult to guess.   

Keep passwords filed away
Be sure to keep a list of passwords, expiration dates, and important telephone numbers but don’t keep it in a purse or wallet that can be easily stolen. Instead keep it safely filed where it can be easily accessed by you but not obvious to someone else.

Identity theft can be difficult to recover from so it is crucial to take steps to help protect yourself. Be careful and vigilant to assure you won’t become the next victim.


award Winner Two Years In A rowaward award award  

Award-winning Training for Powerful Results

Request a Demo