From Missile Control to Data Awareness and Classification: Seven tips for embracing a "healthy discomfort" when working with patient data


Nearly one year to the day from my college graduation I took my first “alert” in an underground Minuteman II Missile Launch Control Center deep beneath a Montana prairie. That was the first of 213 (but who was counting) 24-hour - and sometimes 48-hour - shifts commanding anywhere from 10 to 50 nuclear weapons, ensuring their security and immediate launch capability. The Minuteman complex was a multi-site, interconnected system with a program of physical, administrative, and technical controls that few organizations can duplicate. 

Mark E. Ferrari, MS, PMP, CISSP, HCISPP
Read more

Incident Containment: When your 4.7 seconds come, how will your team perform?

 

There is 4.7 seconds left in the game. The score is tied. The ball is in-bounded...and we know the rest. Villanova junior, Kris Jenkins, takes a pass from senior, Ryan Arcidiacono, and sinks a 3-pointer, leaving 0.0 on the clock. Sure, this is a shameless plug for my alma mater, but is also one of the best finishes in NCAA Basketball Championship history.

Mark E. Ferrari, MS, PMP, CISSP, HCISPP
Read more

Avoiding Your Own “Internal State of Emergency"

 

Just this week, two more hospitals in the US publicly announced that they were hit by ransomware.  Alvaro Hospital Medical Center and King’s Daughters’ Health joined the ranks of Kentucky Methodist Hospital, Chino Valley Medical Center and Desert Valley Hospital of California that were attacked and their data held for ransom. Although these organizations are said not to have paid, a previous attack on Hollywood Presbyterian Medical Centre in Los Angeles cost that organization nearly $17,000.

Doug Vitale, CISSP
Read more

OCR Phase 2 Audit Program Launched -- Nuggets to Know

 

Recently, the Office of Civil Rights (OCR) launched Phase 2 of the HIPAA Audit Program by sending emails to covered entities and their business associates requesting confirmation of contact information.

Our Security, Privacy and Compliance (SPAC) team at BluePrint Healthcare IT is committed to bringing salient insights as Phase 2 unfolds. We are currently evaluating their guidance and the information available to incorporate relevant components into our services and program.

Nate Volkman, MBA
Read more