HIPAA calls for careful social media behavior

Healthcare providers that use social media platforms like Facebook and Twitter can interact with their patients, advertise new services, and communicate urgent announcements. Even though there’s immense potential for social media to improve healthcare, it can also expose patient-specific information when used irresponsibly.

What social media actions violate HIPAA rules?

Posting patients’ protected health information on social media, even if it’s accidentally, without the patients’ permission or authority is a violation of HIPAA regulations. This includes actions like:

  • Sharing pictures (like a team lunch in the workplace) with patient information visible in the background
  • Sharing any form of PHI (such as images or videos)
  • Posting any information that could identify an individual
  • Sharing gossip about a patient, even if the patient’s name is not mentioned

What are the consequences of violating HIPAA?

People in the healthcare industry should not treat HIPAA violations lightly. If an employee is found guilty of breaking a HIPAA rule, they could face fines between $100 and $1,500,000 depending on the severity of the violation. They could also face a 10-year jail sentence, lawsuits, job termination, and revocation of their medical license.

How can healthcare organizations prevent violations?

There are simple ways to avoid HIPAA violations while using social media:

  • Don’t post stories about patients on social media. Even if the patient’s name is omitted, the patient could still be identified by their diagnosis or treatment.
  • Check the background of photos before posting. Make sure there are policies that prohibit employees from posting photos of a patient or their information.
  • Prohibit employees from offering medical advice on social media. It’s best practice to refrain from posting diagnosis or treatment plans on social media, even if a patient asks for medical advice.
  • Always get written permission. Sometimes, a patient’s story is too great not to share. Maybe they made an astonishing recovery or exhibited great strength in the face of adversity and you want to share their accomplishment. In cases like these, ask for written permission from the patient before posting anything on social media.
  • Undergo training on HIPAA security and HIPAA privacy procedures and policies. Make sure to discuss topics such as workstation use, workstation security, and using personal devices for work. These procedures ensure that employees comply with HIPAA rules and are protecting patient information, whether it be electronic, written, or oral.

Do you work in the healthcare industry and need help managing IT and privacy issues? Feel free to call us today!

This post was originally published on this site

HIPAA calls for careful social media behavior

Healthcare providers that use social media platforms like Facebook and Twitter can interact with their patients, advertise new services, and communicate urgent announcements. Even though there’s immense potential for social media to improve healthcare, it can also expose patient-specific information when used irresponsibly.

What social media actions violate HIPAA rules?

Posting patients’ protected health information on social media, even if it’s accidentally, without the patients’ permission or authority is a violation of HIPAA regulations. This includes actions like:

  • Sharing pictures (like a team lunch in the workplace) with patient information visible in the background
  • Sharing any form of PHI (such as images or videos)
  • Posting any information that could identify an individual
  • Sharing gossip about a patient, even if the patient’s name is not mentioned

What are the consequences of violating HIPAA?

People in the healthcare industry should not treat HIPAA violations lightly. If an employee is found guilty of breaking a HIPAA rule, they could face fines between $100 and $1,500,000 depending on the severity of the violation. They could also face a 10-year jail sentence, lawsuits, job termination, and revocation of their medical license.

How can healthcare organizations prevent violations?

There are simple ways to avoid HIPAA violations while using social media:

  • Don’t post stories about patients on social media. Even if the patient’s name is omitted, the patient could still be identified by their diagnosis or treatment.
  • Check the background of photos before posting. Make sure there are policies that prohibit employees from posting photos of a patient or their information.
  • Prohibit employees from offering medical advice on social media. It’s best practice to refrain from posting diagnosis or treatment plans on social media, even if a patient asks for medical advice.
  • Always get written permission. Sometimes, a patient’s story is too great not to share. Maybe they made an astonishing recovery or exhibited great strength in the face of adversity and you want to share their accomplishment. In cases like these, ask for written permission from the patient before posting anything on social media.
  • Undergo training on HIPAA security and HIPAA privacy procedures and policies. Make sure to discuss topics such as workstation use, workstation security, and using personal devices for work. These procedures ensure that employees comply with HIPAA rules and are protecting patient information, whether it be electronic, written, or oral.

Do you work in the healthcare industry and need help managing IT and privacy issues? Feel free to call us today!

This post was originally published on this site

How to strengthen your BYOD security

Many businesses are adopting bring your own device (BYOD) policies as more employees work from home. The problem is, if you’re not careful, BYOD can expose your company to major cybersecurity risks, including the following.

  • Loss or theft of devices – Employees often bring their personal devices wherever they go. This means there’s a higher chance of devices, as well as the data stored in them, being lost or stolen.
  • Man-in-the-middle (MITM) attacks – Cybercriminals can intercept information transmitted from employees’ devices if these are connected to poorly secured public Wi-Fi networks.
  • Jailbroken devices – Jailbreaking is the process of removing the restrictions imposed by the manufacturer of a device, typically to allow the installation of unauthorized third-party software. This increases the risk of an employee inadvertently installing malicious software on a personal device.
  • Security vulnerabilities – If employees have outdated operating systems and software on their devices, cybercriminals can exploit unpatched vulnerabilities to gain unfettered access to company systems
  • Malware – A personal device that has been infected with malware can spread that malware to other devices that are connected to the company network and cause data loss and downtime.

To mitigate these risks, you must devise a BYOD security policy that works for the needs of your business as well as the needs of your employees. Here’s what you need to do:

1. Set passwords on all BYOD devices

Prevent unauthorized access to company data by enforcing the use of passwords on all employee devices and accounts. Passwords should be unique; contain letters, numbers, and symbols; and are at least 12 characters long. It’s also a good idea to implement multifactor authentication to add another method of identity verification such as fingerprint scans or temporary passcodes sent via email.

2. Blacklist unsanctioned applications

Blacklisting involves prohibiting the installation of certain applications on BYOD devices that are used for work purposes. This includes applications like games, social networking apps, and third-party file sharing platforms. The simplest way to blacklist applications is through a mobile device management platform that enables IT administrators to secure and enforce policies on enrolled devices.

3. Restrict data access

Adopt the principle of least privilege on both BYOD and company devices. This means that a user is able to access only the data and software required to do their job. This can reduce the effects of certain types of malware and limit the fallout in the event of a data breach.

4. Invest in anti-malware software

Anti-malware software identifies and removes malware before they cause irreparable harm to a device. The best anti-malware programs are often backed by the latest threat intelligence databases and use behavior-based detection techniques to pick up any traces of malware.

5. Backing up device data

A well-thought-out BYOD policy can go a long way toward minimizing the risk of a security breach, but if something manages to slip past your defenses, you need to have backups prepared. Back up your data in off-site servers and in the cloud to ensure that any data stored locally on a device can be quickly recovered.

6. Educate your staff about security

The vast majority of BYOD-related security risks involve human error. This is why you should educate your employees about proper mobile safety. Train them on spotting apps that could contain malware, sharing security threat updates, and securing their devices beyond enabling default security settings.

You should also approach us if you need assistance with protecting your BYOD environment. As a professional managed IT services provider, we keep tabs on the latest trends and innovations related to BYOD and will recommend solutions that work for your company. Contact us today to see how we can help.

This post was originally published on this site

How to strengthen your BYOD security

Many businesses are adopting bring your own device (BYOD) policies as more employees work from home. The problem is, if you’re not careful, BYOD can expose your company to major cybersecurity risks, including the following.

  • Loss or theft of devices – Employees often bring their personal devices wherever they go. This means there’s a higher chance of devices, as well as the data stored in them, being lost or stolen.
  • Man-in-the-middle (MITM) attacks – Cybercriminals can intercept information transmitted from employees’ devices if these are connected to poorly secured public Wi-Fi networks.
  • Jailbroken devices – Jailbreaking is the process of removing the restrictions imposed by the manufacturer of a device, typically to allow the installation of unauthorized third-party software. This increases the risk of an employee inadvertently installing malicious software on a personal device.
  • Security vulnerabilities – If employees have outdated operating systems and software on their devices, cybercriminals can exploit unpatched vulnerabilities to gain unfettered access to company systems
  • Malware – A personal device that has been infected with malware can spread that malware to other devices that are connected to the company network and cause data loss and downtime.

To mitigate these risks, you must devise a BYOD security policy that works for the needs of your business as well as the needs of your employees. Here’s what you need to do:

1. Set passwords on all BYOD devices

Prevent unauthorized access to company data by enforcing the use of passwords on all employee devices and accounts. Passwords should be unique; contain letters, numbers, and symbols; and are at least 12 characters long. It’s also a good idea to implement multifactor authentication to add another method of identity verification such as fingerprint scans or temporary passcodes sent via email.

2. Blacklist unsanctioned applications

Blacklisting involves prohibiting the installation of certain applications on BYOD devices that are used for work purposes. This includes applications like games, social networking apps, and third-party file sharing platforms. The simplest way to blacklist applications is through a mobile device management platform that enables IT administrators to secure and enforce policies on enrolled devices.

3. Restrict data access

Adopt the principle of least privilege on both BYOD and company devices. This means that a user is able to access only the data and software required to do their job. This can reduce the effects of certain types of malware and limit the fallout in the event of a data breach.

4. Invest in anti-malware software

Anti-malware software identifies and removes malware before they cause irreparable harm to a device. The best anti-malware programs are often backed by the latest threat intelligence databases and use behavior-based detection techniques to pick up any traces of malware.

5. Backing up device data

A well-thought-out BYOD policy can go a long way toward minimizing the risk of a security breach, but if something manages to slip past your defenses, you need to have backups prepared. Back up your data in off-site servers and in the cloud to ensure that any data stored locally on a device can be quickly recovered.

6. Educate your staff about security

The vast majority of BYOD-related security risks involve human error. This is why you should educate your employees about proper mobile safety. Train them on spotting apps that could contain malware, sharing security threat updates, and securing their devices beyond enabling default security settings.

You should also approach us if you need assistance with protecting your BYOD environment. As a professional managed IT services provider, we keep tabs on the latest trends and innovations related to BYOD and will recommend solutions that work for your company. Contact us today to see how we can help.

This post was originally published on this site

Save on electricity with these PC tips

When it comes to saving energy, every little effort goes a long way. The more energy-efficient your PC is, the more money you save. In fact, you can save up to $50 a year if you activate your PC’s power-saving feature. Further increase your savings by following these tips:

1. Unplug your computer when not in use

When you’re not using your computer, it’s best to shut it down and unplug it. This is because a plugged-in PC — even when switched off — still consumes standby power.

2. Disconnect external devices

When they’re connected to your PC, devices such as printers, headphones, and webcams consume power even when they’re not in use. This is why you should disconnect or remove external devices from your PC once you’re done using them.

3. Alternatively, use a smart strip, especially for computers you cannot turn off

A smart strip is a series of several electrical outlets in one strip, with circuits to monitor and maximize your gadgets’ power consumption. It can electronically unplug any device so that they stop drawing current, which saves energy. By connecting your PC and peripherals (e.g., printers, scanners) to the smart strip, you won’t need to unplug your equipment when you’re not using them.

4. Adjust your computer’s energy settings

Adjusting your PC’s power settings will help you consume less energy. For example, you can opt to put your hard drive and monitor into sleep mode when they’re left idle for a few minutes. Lowering the brightness of your screen also saves electricity.

5. Use a charger only when your laptop is charging

When we charge our laptops, we tend to forget about them, leaving them plugged in for hours. Unfortunately, overcharging degrades the battery over time. Leaving the charger plugged in — even if it’s not connected to your computer — also consumes standby power.

To save energy, make sure to unplug your laptop charger once you’re done charging. Alternatively, you can use a wall outlet with a timer or plug your charger into a smart strip.

6. Choose an Energy Star-compliant PC

Energy Star is the US Environmental Protection Agency’s symbol for energy efficiency. Every product that earns the Energy Star symbol is guaranteed to deliver both quality performance and energy savings. The more stars a product has, the more energy-efficient it is. Studies show that a single Energy Star-compliant computer and monitor can save between $7 and $52 per year in electricity bills.

These tips should help you lower your electricity costs and make smart hardware choices. If you need assistance in choosing the best hardware for your specific needs, give us a call. We’ll be glad to help.

This post was originally published on this site

Save on electricity with these PC tips

When it comes to saving energy, every little effort goes a long way. The more energy-efficient your PC is, the more money you save. In fact, you can save up to $50 a year if you activate your PC’s power-saving feature. Further increase your savings by following these tips:

1. Unplug your computer when not in use

When you’re not using your computer, it’s best to shut it down and unplug it. This is because a plugged-in PC — even when switched off — still consumes standby power.

2. Disconnect external devices

When they’re connected to your PC, devices such as printers, headphones, and webcams consume power even when they’re not in use. This is why you should disconnect or remove external devices from your PC once you’re done using them.

3. Alternatively, use a smart strip, especially for computers you cannot turn off

A smart strip is a series of several electrical outlets in one strip, with circuits to monitor and maximize your gadgets’ power consumption. It can electronically unplug any device so that they stop drawing current, which saves energy. By connecting your PC and peripherals (e.g., printers, scanners) to the smart strip, you won’t need to unplug your equipment when you’re not using them.

4. Adjust your computer’s energy settings

Adjusting your PC’s power settings will help you consume less energy. For example, you can opt to put your hard drive and monitor into sleep mode when they’re left idle for a few minutes. Lowering the brightness of your screen also saves electricity.

5. Use a charger only when your laptop is charging

When we charge our laptops, we tend to forget about them, leaving them plugged in for hours. Unfortunately, overcharging degrades the battery over time. Leaving the charger plugged in — even if it’s not connected to your computer — also consumes standby power.

To save energy, make sure to unplug your laptop charger once you’re done charging. Alternatively, you can use a wall outlet with a timer or plug your charger into a smart strip.

6. Choose an Energy Star-compliant PC

Energy Star is the US Environmental Protection Agency’s symbol for energy efficiency. Every product that earns the Energy Star symbol is guaranteed to deliver both quality performance and energy savings. The more stars a product has, the more energy-efficient it is. Studies show that a single Energy Star-compliant computer and monitor can save between $7 and $52 per year in electricity bills.

These tips should help you lower your electricity costs and make smart hardware choices. If you need assistance in choosing the best hardware for your specific needs, give us a call. We’ll be glad to help.

This post was originally published on this site

What do business phone systems look like today?

Although digital communication tools let businesses connect with customers and other stakeholders in an efficient manner, landlines are still used to communicate with business stakeholders. And for many organizations, determining whether to use internet phones or traditional landlines remains a concern. To help you decide, here’s a short guide on different types of business phones and their respective life cycles and technology options.

Different phone systems

Today’s businesses still use landlines to connect with various stakeholders, such as customers, investors, and suppliers, to service their needs. However, telephony has come a long way from when it first came about in 1876. For instance, Voice over Internet Protocol (VoIP) phones have virtually unlimited reach, are automated, and are cheaper than ever to acquire.

VoIP is a telephony solution that uses the internet instead of wired circuits to transmit data. VoIP does more than just transmit audio — it can also send a variety of data (video, multimedia, SMS, etc.) and perform other tasks as well.

A VoIP system’s hardware (phone units, cables, CPUs, etc.) and software (one or more applications that run the system) can be either on-premises or hosted:

  • On-premises – Hardware and software are physically housed within the premises of the company.
  • Hosted – Some of the hardware, like phone units and other equipment, can be found within the premises. But most, if not all, of the software is hosted online. Service providers look after hosted systems for their clients.

Life cycles: On-premises vs. hosted

With hardware, it doesn’t matter whether it’s on-premises or hosted. Hardware is affected by the wear and tear stemming from daily use. Barring any accidents or physical damage, VoIP hardware should last several years.

On the other hand, software requires regular updates. It’s worth noting that it’s faster and cheaper to update software that’s hosted in the cloud versus one that’s on premises. However, there’s not much difference in how much either one can last — software for both types of VoIP systems can last upwards of 10 years, depending on how dependable your IT support is.

Technology today vs. before

In the past, hardware and software were built to last. Today, they’re built to adapt and change, thanks to cloud technology.

The effect of this shift on hardware and software is dramatic:

Most hardware components are very similar, with replacements and upgrades coming every 5–8 years on average.

Cloud software is faster, easier, and cheaper to upgrade than software for on-premises systems. Critical cloud updates can be released almost constantly, and a cloud system may be completely overhauled in as short as 2–3 years’ time.

Whichever phone system you choose, it should integrate smoothly with the other systems in your business, such as email or customer relationship management software. And as your business expands, your chosen phone system should easily scale with it, too.

Be a step ahead

Downtime results in loss of potential sales and, essentially, wasted money. If your phone service is spotty and constantly unreliable, perhaps it’s time to switch to VoIP phones.

Nowadays, it’s not the longevity of a tech solution that’s important, but rather staying ahead of the curve to trump the competition. Call our experts today so you can always leverage the best VoIP and other IT solutions available today.

This post was originally published on this site

What do business phone systems look like today?

Although digital communication tools let businesses connect with customers and other stakeholders in an efficient manner, landlines are still used to communicate with business stakeholders. And for many organizations, determining whether to use internet phones or traditional landlines remains a concern. To help you decide, here’s a short guide on different types of business phones and their respective life cycles and technology options.

Different phone systems

Today’s businesses still use landlines to connect with various stakeholders, such as customers, investors, and suppliers, to service their needs. However, telephony has come a long way from when it first came about in 1876. For instance, Voice over Internet Protocol (VoIP) phones have virtually unlimited reach, are automated, and are cheaper than ever to acquire.

VoIP is a telephony solution that uses the internet instead of wired circuits to transmit data. VoIP does more than just transmit audio — it can also send a variety of data (video, multimedia, SMS, etc.) and perform other tasks as well.

A VoIP system’s hardware (phone units, cables, CPUs, etc.) and software (one or more applications that run the system) can be either on-premises or hosted:

  • On-premises – Hardware and software are physically housed within the premises of the company.
  • Hosted – Some of the hardware, like phone units and other equipment, can be found within the premises. But most, if not all, of the software is hosted online. Service providers look after hosted systems for their clients.

Life cycles: On-premises vs. hosted

With hardware, it doesn’t matter whether it’s on-premises or hosted. Hardware is affected by the wear and tear stemming from daily use. Barring any accidents or physical damage, VoIP hardware should last several years.

On the other hand, software requires regular updates. It’s worth noting that it’s faster and cheaper to update software that’s hosted in the cloud versus one that’s on premises. However, there’s not much difference in how much either one can last — software for both types of VoIP systems can last upwards of 10 years, depending on how dependable your IT support is.

Technology today vs. before

In the past, hardware and software were built to last. Today, they’re built to adapt and change, thanks to cloud technology.

The effect of this shift on hardware and software is dramatic:

Most hardware components are very similar, with replacements and upgrades coming every 5–8 years on average.

Cloud software is faster, easier, and cheaper to upgrade than software for on-premises systems. Critical cloud updates can be released almost constantly, and a cloud system may be completely overhauled in as short as 2–3 years’ time.

Whichever phone system you choose, it should integrate smoothly with the other systems in your business, such as email or customer relationship management software. And as your business expands, your chosen phone system should easily scale with it, too.

Be a step ahead

Downtime results in loss of potential sales and, essentially, wasted money. If your phone service is spotty and constantly unreliable, perhaps it’s time to switch to VoIP phones.

Nowadays, it’s not the longevity of a tech solution that’s important, but rather staying ahead of the curve to trump the competition. Call our experts today so you can always leverage the best VoIP and other IT solutions available today.

This post was originally published on this site

Workplace Analytics: An essential tool for business productivity

Microsoft Workplace Analytics presents a clear picture of employee performance, giving managers and leaders actionable insights to enhance productivity. Learn more about this valuable tool and its benefits to businesses of all sizes across industries.

How does Workplace Analytics work?

A paid add-on to Office 365 enterprise plans, Workplace Analytics extracts behavioral insights from data gathered from emails, calendars, documents, and Office 365 apps. This means any data an employee enters into Office 365 can be used to assess their performance and productivity.

The data from which insights are gleaned are generated by employees themselves — how much time they spend on meetings, who they communicate with, and how much time they spend on productive tasks.

All this data can be viewed on the Workplace Analytics dashboard, where information is sorted using the following metrics:

  • Week in the life provides information on how the entire organization spends time and how employees collaborate with one another.
  • Meetings overview shows the amount of time people spend in meetings.
  • Management and coaching presents information about one-on-one meetings between each employee and their direct manager.
  • The internal networks metric shows how people within your organization communicate and collaborate with one another.
  • External collaboration provides insights into how your employees connect with individuals or teams from third-party organizations.
  • Teams collaboration takes a look at how employees and managers use Microsoft Teams to communicate with their colleagues.

What does Workplace Analytics aim to do?

Workplace Analytics is designed to solve businesses’ most common problems, specifically issues related to productivity and engagement.

Using Workplace Analytics data, business leaders can develop effective productivity strategies for the entire company. For instance, if the data shows that employees spend 60% of their time in meetings, managers can come up with a strategy to make meetings shorter or less frequent so staff can focus on productive tasks. Similarly, human resources personnel can use data on employees’ work patterns to identify the causes of burnout — now a widespread issue across businesses and industries — and make recommendations to address it.

Workplace Analytics can be also used to determine how workers collaborate with internal and external parties. Suppose a member of your sales team frequently works and communicates with certain vendors. The sales team’s manager can pull up Workplace Analytics data and use it to assess whether or not this collaboration is helping the team meet targets, or if it’s causing them to miss out on other, more critical opportunities for collaboration and/or making a sale. Based on this information, the manager can also identify which employees are most likely to meet or exceed their targets and set company-wide standards accordingly.

Finally, Workplace Analytics allows managers to determine an employee’s level of engagement, and whether workloads are fairly distributed among workers and/or departments.

To ensure you get the full benefits of Workplace Analytics, partner with a reputable managed IT services provider like us. Our experts are highly skilled and experienced in implementing and managing Microsoft programs and services, so you can rest easy knowing your business is in good hands. Drop us a line today.

This post was originally published on this site

Workplace Analytics: An essential tool for business productivity

Microsoft Workplace Analytics presents a clear picture of employee performance, giving managers and leaders actionable insights to enhance productivity. Learn more about this valuable tool and its benefits to businesses of all sizes across industries.

How does Workplace Analytics work?

A paid add-on to Office 365 enterprise plans, Workplace Analytics extracts behavioral insights from data gathered from emails, calendars, documents, and Office 365 apps. This means any data an employee enters into Office 365 can be used to assess their performance and productivity.

The data from which insights are gleaned are generated by employees themselves — how much time they spend on meetings, who they communicate with, and how much time they spend on productive tasks.

All this data can be viewed on the Workplace Analytics dashboard, where information is sorted using the following metrics:

  • Week in the life provides information on how the entire organization spends time and how employees collaborate with one another.
  • Meetings overview shows the amount of time people spend in meetings.
  • Management and coaching presents information about one-on-one meetings between each employee and their direct manager.
  • The internal networks metric shows how people within your organization communicate and collaborate with one another.
  • External collaboration provides insights into how your employees connect with individuals or teams from third-party organizations.
  • Teams collaboration takes a look at how employees and managers use Microsoft Teams to communicate with their colleagues.

What does Workplace Analytics aim to do?

Workplace Analytics is designed to solve businesses’ most common problems, specifically issues related to productivity and engagement.

Using Workplace Analytics data, business leaders can develop effective productivity strategies for the entire company. For instance, if the data shows that employees spend 60% of their time in meetings, managers can come up with a strategy to make meetings shorter or less frequent so staff can focus on productive tasks. Similarly, human resources personnel can use data on employees’ work patterns to identify the causes of burnout — now a widespread issue across businesses and industries — and make recommendations to address it.

Workplace Analytics can be also used to determine how workers collaborate with internal and external parties. Suppose a member of your sales team frequently works and communicates with certain vendors. The sales team’s manager can pull up Workplace Analytics data and use it to assess whether or not this collaboration is helping the team meet targets, or if it’s causing them to miss out on other, more critical opportunities for collaboration and/or making a sale. Based on this information, the manager can also identify which employees are most likely to meet or exceed their targets and set company-wide standards accordingly.

Finally, Workplace Analytics allows managers to determine an employee’s level of engagement, and whether workloads are fairly distributed among workers and/or departments.

To ensure you get the full benefits of Workplace Analytics, partner with a reputable managed IT services provider like us. Our experts are highly skilled and experienced in implementing and managing Microsoft programs and services, so you can rest easy knowing your business is in good hands. Drop us a line today.

This post was originally published on this site