Kardon Blog

Security & Privacy News

Keeping you informed and enlightened.

We can do this. It’s easy.

We can do this. It’s easy.

An iconic symbol of on-the-job hilarity is the I Love Lucy episode in the candy factory.  The vision of Ethel and Lucy shoving candy in their mouths, tops, and hats as the conveyor belt moves past can’t help  but make you laugh. Vivian Vance and Lucille Ball ham it up...

read more
Cha-cha-cha

Cha-cha-cha

Someone once said that an optimist is a person who knows if they take one step forward and one step back not to be discouraged, they are just doing the Cha-cha-cha.  I have been trying to take that advice and cha-cha-cha my way through recovery.  As I do so, I realize...

read more
Frankenhand!

Frankenhand!

Just after the first of the year, I had surgery on my right hand. I have spent the weeks since then adapting to not having full use of that hand for several months as it heals. That is definitely a challenge for someone who is fiercely right-handed. Most of my friends...

read more
Malware monster wins again!

Malware monster wins again!

Takeaways: The latest OCR resolution makes specific points on what OCR considers reasonable and appropriate technical safeguards of the Security Rule.  If you aren’t up to date with all of your software, it does matter very much once malware finds you. There are...

read more
And the hits just keep on coming!

And the hits just keep on coming!

Takeaways: Yet another notice that HIPAA enforcement and liability is not something to keep putting off until later.  The web of liability means it is no longer just yourself you have to worry about being caught up in audits or breaches. And the hits just keep on...

read more
Sue for HIPAA Negligence? No way. Way!

Sue for HIPAA Negligence? No way. Way!

Takeaways: HIPAA keeps getting more important to the business for CEs and BAs but who is going to have to learn the hard way for your office to take note? The Connecticut case of Emily Byrne vs. Avery Center for Obstetrics and Gynecology involves a patient who sued a...

read more
They want what!?

They want what!?

Takeaways: No longer are small providers “too small” for OCR to conduct a breach investigation. In an article concerning a breach investigation a copy of the information requested in the OCR letter was included. The items were to be supplied within 20 days. When I...

read more
HIPAA One and Done has Gone the Way of the Dodo

HIPAA One and Done has Gone the Way of the Dodo

Takeaway for today:  It is time to completely rethink the way you look at HIPAA Compliance requirements in your business.  HIPAA Compliance has changed.  It is no longer something you can just check off your list once or twice a year. A practice administrator told me...

read more
Russian Password Hack – Why Security Matters

Russian Password Hack – Why Security Matters

Takeaways:  If you use the same user name and password for anything that has access to PHI and some other mundane website or service (even a small one) change it today.  In fact, make sure you change all your PHI passwords to something different.  If one is hacked,...

read more
The fines are coming! The fines are coming!

The fines are coming! The fines are coming!

To borrow from Longfellow’s poem: Listen my children and you shall hear Of the midnight ride of Paul Revere, In this case, it isn’t a midnight ride but a late afternoon speech by Jerome B. Meites, a chief regional civil rights counsel at HHS, in Chicago.  Historians...

read more
800,000 Reasons You Need Workforce Training

800,000 Reasons You Need Workforce Training

The recent HHS settlement in the case of 71 cardboard boxes of medical records being left on a physicians driveway is your 800,000 reasons, and they are all in cold, hard cash.  Here is the key detail about what happened direct from the resolution agreement: On June...

read more

No Better Time to Get Started

Privacy and security programs require persistent care and monitoring. There will never be a better time to get started.